Re: [users@httpd] how do i leave only DocumentRoot open; all other directories require Auth

[Jacob Coby <jc...@listingbook.com>]

> i am trying to set up a site in such a way that everything requires
> Authentication with the sole exception of the DocumentRoot.

hmm..

> The only option i can see is to create .htaccess files for every
> directory in my site _except_ my DocumentRoot.

One option is to make the rest of your site live off of a single branch of
the document root, and have the .htaccess with the auth requirements in it.
.htaccess files are recursive in nature, so if it doesn't find one in ., it
looks in ../, and then ../../ until it reaches document root.

So, you would have:

www.example.com/index.html
www.example.com/site/everything_else.html

Anything you try to access from /site/* will require auth since there is a
.htaccess in /documentroot/auth, but your index.html should be allowed out
to everyone.

Another option is to use virtual hosts, and have www.example.com be publicly
available, but have www.auth.example.com require authorization.

-Jacob


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org