You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Stephen Bopple <st...@epa.state.oh.us> on 2002/04/09 15:37:02 UTC
help setting up .htaccess with virtual hosts
Hello,
Question regarding setting up .htaccess and virtual hosts. First I've read everything I think I can on the Apache website and in the O'Reilly book and I'm still unsure exactly how to go about this. Basically, I have a webserver setup for virtual hosting. What I want to do is setup one password protected directory in one vitual account that has already fancy indexing enabled. In the past I'd tried enabling .htaccess in the main (or global section) of httpd.conf, but it was ignored when I would setup a .htaccess file in a given - and furthermore it began to mess up access to everyone's php web based email.
What is the preferred, or correct way of doing this? I can provide my httpd.conf and other info.
Steve Bopple, P.E.
Environmental Engineer, Ohio EPA
330-963-1199 (direct)
stephen.bopple@epa.state.oh.us
"Seabees - We Build, We Fight"
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: help setting up .htaccess with virtual hosts
Posted by Owen Boyle <ob...@bourse.ch>.
Stephen Bopple wrote:
>
> Hello,
>
> Question regarding setting up .htaccess and virtual hosts. First I've read everything I think I can on the Apache website and in the O'Reilly book and I'm still unsure exactly how to go about this. Basically, I have a webserver setup for virtual hosting. What I want to do is setup one password protected directory in one vitual account that has already fancy indexing enabled. In the past I'd tried enabling .htaccess in the main (or global section) of httpd.conf, but it was ignored when I would setup a .htaccess file in a given - and furthermore it began to mess up access to everyone's php web based email.
>
> What is the preferred, or correct way of doing this? I can provide my httpd.conf and other info.
It is a popular misconception that .htaccess files are necessary to
enable password access. They're not.
.htaccess allows you to put a certain subset of directives in a local
file which will apply only to the directory that the .htaccess file
appears in... provided you have said "AllowOverride <something>" in
httpd.conf. Often, people put the directives necessary for
authentication (password access) into a .htaccess file - but it's not
essential that they go there.
Personally, I find that .htaccess files give the user so much rope that
he usually ends up shooting himself in the foot. So I disable .htaccess
globally (AllowOverride None at the docroot), then I set up
authentication in a <Directory> container. All you need is:
<Directory /path/to/protected/dir>
AuthType Basic
AuthName "Member Section"
AuthUserFile /path/to/password/file
require valid-user
</Directory>
If you insist on using .htaccess, put the four mod_auth directives in
the .htaccess file, then do;
<Directory /path/to/protected/dir>
AllowOverride All
</Directory>
in the config.
Rgds,
Owen Boyle.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: help setting up .htaccess with virtual hosts
Posted by Chet Luther <ch...@rcn.com>.
If you specify "AllowOverride None" the users won't be able to override
your access settings with their own .htaccess file.
Hello,
Question regarding setting up .htaccess and virtual hosts. First I've read
everything I think I can on the Apache website and in the O'Reilly book and
I'm still unsure exactly how to go about this. Basically, I have a
webserver setup for virtual hosting. What I want to do is setup one
password protected directory in one vitual account that has already fancy
indexing enabled. In the past I'd tried enabling .htaccess in the main (or
global section) of httpd.conf, but it was ignored when I would setup a
.htaccess file in a given - and furthermore it began to mess up access to
everyone's php web based email.
What is the preferred, or correct way of doing this? I can provide my
httpd.conf and other info.
Steve Bopple, P.E.
Environmental Engineer, Ohio EPA
330-963-1199 (direct)
stephen.bopple@epa.state.oh.us
"Seabees - We Build, We Fight"
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org