On 4/19/07, Ben Roberts <[EMAIL PROTECTED]> wrote:
Hello there,I need to setup htpasswd protection on a web directory served by Apache. I also need to permit access to the index file in the specified directory, but block access to any other files or subdirectories. So I'm using a configuration like this: <Files index.php> Order deny,allow Allow from all </Files> <Directory "/home/username/www"> AuthType Basic AuthName "Private Area" AuthUserFile /home/username/.htpasswds require user bill ben </Directory> Can anybody tell me why my override of the password protection for index.php files is being ignored?
Because host-based (Allow) and password-based (Require) access control are orthogonal. You can fix your problem by adding "Satisfy Any" to the <Files> block. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
