You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by "Wagner, Aaron" <aa...@bankofamerica.com> on 2004/06/08 17:32:47 UTC
[users@httpd] Apache security help
Server Version: Apache/2.0.43 (Win32) PHP/4.3.0
Server Built: Dec 25 2002 18:12:51
###document root in httpd.conf#############
<Directory "D:/APPS/Apache2Web/esysProd">
Options -Indexes FollowSymLinks +ExecCGI
AllowOverride All
Require valid-user
</Directory>
############################
I have the document root set to Require valid-user and I have a directory below root that I need to allow all without password. I tried to add a .htaccess file but it still asks for a password when they go directly to the link.
http://esystems.bank.com/Tools/_MgmtTurnover/DCSMgrRowLog_Curr_and_Open.php
Directory - D:/APPS/Apache2Web/esysProd/tools/_MgmtTurnover
### .htaccess in _MgmtTurnover #############
AuthName "eSys_Website - use 'guest' and 'password' for guest access"
AuthType Basic
AuthDBMGroupFile d:\security\esystest
AuthDBMUserFile d:\security\esystest
allow from all
####################
Any help is appreciated
Aaron N Wagner
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Apache security help
Posted by Joshua Slive <jo...@slive.ca>.
On Tue, 8 Jun 2004, Wagner, Aaron wrote:
> I have the document root set to Require valid-user and I have a
> directory below root that I need to allow all without password. I tried
> to add a .htaccess file but it still asks for a password when they go
> directly to the link.
Use
Satisfy Any
Allow from all
But be careful, because this will also defeat any host-based access
restrictions.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org