On Wed, Oct 06, 2004 at 11:43:21AM +0200, Jasper Filon wrote: > I have a little issue with the favicon file. My www root is password > protected. But i also have a /public directory, which can be accessed by > everyone. However, when someone opens a picture in his webbrowser by > opening "www.mydomain.com/public/pictures/picture.jpg", he or she gets a > login-dialog, because the browser tries to open > "www.mydomain.com/favicon.ico", which is a restricted directory. Does > anybody knows how to tell apache to simpy send a 404 (page not found) > instead of requiring username/password? Offcourse, i can create a > favicon.ico file and give the world read-access on that file, but there > must be a easier way to do this? There's a meta setting you can use to specify an alternate location for favicon.ico, but that's not so useful if you're pointing people directly at things like images. I'd consider it a bit of a bug for a browser to pop up an auth dialog for favicon.ico, but I guess you've got an uphill battle to fix that in every browser. The quick Apache fix would be to create a Location stanza for favicon.ico, like so: <Location /favicon.ico> order allow,deny deny from all </Location> which would give anyone who comes near it an (I think) 403 response code. - Matt
Attachment:
signature.asc
Description: Digital signature