RE: [Plug] Restricting Web Access

Young, Geoffrey S. on Tue, 9 Nov 1999 08:36:20 -0500 (EST)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

RE: [Plug] Restricting Web Access

From: "Young, Geoffrey S." <younggs@acwilm.com>

To: "'plug@lists.nothinbut.net'" <plug@lists.nothinbut.net>

Subject: RE: [Plug] Restricting Web Access

Date: Tue, 9 Nov 1999 08:33:23 -0500

Cc: "'laktar@hotmail.com'" <laktar@hotmail.com>

Reply-to: plug@lists.nothinbut.net

Sender: plug-admin@lists.nothinbut.net

I think your problem is with AuthUserFile. From the apache docs: The AuthUserFile directive sets the name of a textual file containing the list of users and passwords for user authentication. Filename is the path to the user file. If it is not absolute (i.e., if it doesn't begin with a slash), it is treated as relative to the ServerRoot. Thus /thefold/.htpasswd is looking for /thefold/.htpasswd, not /home/httpd/html/thefold/.htpasswd, which is probably what you mean? maybe? HTH --Geoff BTW, in way of introductions, I've been following the list for a while but haven't made it out to a meeting yet - hopefully, there will be a first time one of these days ;) Anywaym, howdy. > -----Original Message----- > From: Nicolai Rosen [SMTP:laktar@hotmail.com] > Sent: Tuesday, November 09, 1999 12:31 AM > To: plug@lists.nothinbut.net > Subject: [Plug] Restricting Web Access > > I'm trying to restrict access to a directory > http://laktar.dyndns.org/thefold/ on my computer. I've got Apache 1.3.3 > running from inetd on a RH5.2 installation. > > I've done a little looking around and asking people and I can't figure out > > what's wrong with my setup. The URL which is sometimes up is > http://laktar.dyndns.org/thefold/ but when I go there I get an > Authorization > Failed message. The login/pass combination is thefold/thefold. Here are > some > relevant files. > > > > /home/httpd/html/thefold/.htaccess: > AuthUserFile /thefold/.htpasswd > AuthGroupFile /dev/null > AuthName ByPassword > AuthType Basic > > <Limit GET> > require user thefold > </Limit> > > > > /home/httpd/html/thefold/.htpasswd: > thefold:kBmkGCbudswxc > > > > /etc/httpd/conf/access.conf: > ## > ## access.conf -- Apache HTTP server configuration file > ## > > # access.conf: Global access configuration > # Online docs at http://www.apache.org/ > > # This file defines server settings which affect which types of services > # are allowed, and in what circumstances. > > # Each directory to which Apache has access, can be configured with > respect > # to which services and features are allowed and/or disabled in that > # directory (and its subdirectories). > > # Originally by Rob McCool > > # First, we configure the "default" to be a very restrictive set of > # permissions. > > # <Directory /> > # Options None > # AllowOverride None > # </Directory> > > # Note that from this point forward you must specifically allow > # particular features to be enabled - so if something's not working as > # you might expect, make sure that you have specifically enabled it > # below. > > # This should be changed to whatever you set DocumentRoot to. > > <Directory /home/httpd/html> > > # This may also be "None", "All", or any combination of "Indexes", > # "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews". > > # Note that "MultiViews" must be named *explicitly* --- "Options All" > # doesn't give it to you. > > Options Indexes Includes FollowSymLinks > > # This controls which options the .htaccess files in directories can > # override. Can also be "All", or any combination of "Options", > "FileInfo", > # "AuthConfig", and "Limit" > > AllowOverride All > > # Controls who can get stuff from this server. > > order allow,deny > allow from all > > </Directory> > > # /home/httpd/cgi-bin should be changed to whatever your ScriptAliased > # CGI directory exists, if you have that configured. > > <Directory /home/httpd/cgi-bin> > AllowOverride None > Options ExecCGI > </Directory> > > # Allow server status reports, with the URL of > http://servername/server-status > # Change the ".your_domain.com" to match your domain to enable. > > #<Location /server-status> > #SetHandler server-status > > #order deny,allow > #deny from all > #allow from .your_domain.com > #</Location> > > # There have been reports of people trying to abuse an old bug from > pre-1.1 > # days. This bug involved a CGI script distributed as a part of Apache. > # By uncommenting these lines you can redirect these attacks to a logging > # script on phf.apache.org. Or, you can record them yourself, using the > script > # support/phf_abuse_log.cgi. > > #<Location /cgi-bin/phf*> > #deny from all > #ErrorDocument 403 http://phf.apache.org/phf_abuse_log.cgi > #</Location> > > # You may place any other directories or locations you wish to have > # access information for after this one. > > ______________________________________________________ > Get Your Private, Free Email at http://www.hotmail.com > > _______________________________________________ > Plug maillist - Plug@lists.nothinbut.net > http://lists.nothinbut.net/mail/listinfo/plug _______________________________________________ Plug maillist - Plug@lists.nothinbut.net http://lists.nothinbut.net/mail/listinfo/plug

Follow-Ups:

RE: [Plug] Restricting Web Access
From: Mental <mental@NeverLight.com>

Prev by Date: [Plug] Restricting Web Access

Next by Date: RE: [Plug] Restricting Web Access

Previous by thread: [Plug] Restricting Web Access

Next by thread: RE: [Plug] Restricting Web Access

Index(es):

Date

Thread