htaccess confusion! Need help.
I'm trying to set up digest authentication for a particular directory
accessible via Apache. I thought it would be as simple as creating the
.htaccess file with the contents:
AuthName "Private Access Only"
in the directory I wish to protect and restart apache (not even sure
the restart is necessary, when things are working?). Unfortunately the
.htaccess file seems to be, mostly, ignored. The only exception to
this is if the www-data user (the user the apache daemon runs under)
can't read that file. Then it complains about not being able to read
it in the error log. Otherwise it's wide open no matter what's in
I've loaded the digest auth module, via
LoadModule digest_auth_module /usr/lib/apache/1.3/mod_auth_digest.so
in /etc/apache/httpd.conf and apache seems to load it fine, so I know
that's not the problem.
I saw some poorly worded mention of this problem in the list archives,
something about a conflict with
and the default directory spec
which is listed after the "DocumentRoot" option, but I couldn't follow
Here's the directory entry in httpd.conf that I want to control access
to via digest authentication:
Deny from all
Of course, if I set "Allow from all" then it's wide open. With "Deny
from all" nobody can read it and I never get a login/password
dialog. And "AllowOverride All" doesn't fix it either.
I'm running "testing" with Apache 1.3.24-2.1
To UNSUBSCRIBE, email to firstname.lastname@example.org
with a subject of "unsubscribe". Trouble? Contact email@example.com