[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Front Page Passwords Not Required

Subject: Re: [cobalt-users] Front Page Passwords Not Required
From: Will DeHaan <will@xxxxxxxxxx>
Date: Wed Mar 22 16:27:55 2000
Organization: Cobalt Networks

Jeff Lasman wrote:
> 
> Thanks for attempting to help me with this.  This is severely broken
> behavior.  I don't think the problem lies with these files, but with the
> "fixes" installed on the systems.

The .htaccess files look correct.  It's so very odd to be able to hit
http://www.harriette.com/_vti_pvt/.htaccess and verify htaccess content
directly.  

Check /etc/httpd/conf/srm.conf, verify it contains the line:

AccessFileName .htaccess

Please grep for any other instances of this directive. 

Can any other sites use .htaccess correctly?  Frontpage or otherwise? 
/etc/pam.d/httpd still exists?  No errors in /var/log/httpd/error on
daemon restart?


	-- Will

> 
> The reason I think that is these files are exactly the same on the RaQ2
> that does it right, except for expected differences in IP#s and site#s.
> 
> To reiterate, one RaQ2 does it right, the other does it wrong, and the
> only differences I can see between them is the "fixes" on the systems
> (see my original post for the comparative list).
> 
> Here's the "find" results and the "cat" results for .htaccess for this
> domain on my client's RaQ2:
> >
> > [admin web]$ find . -name ".htaccess"
> > ./_vti_pvt/.htaccess
> > ./_vti_log/.htaccess
> > ./_private/.htaccess
> > ./_vti_txt/.htaccess
> > ./_vti_cnf/.htaccess
> > ./_vti_bin/_vti_adm/.htaccess
> > ./_vti_bin/_vti_aut/.htaccess
> > ./_vti_bin/.htaccess
> > [admin web]$ cat _vti_pvt/.htaccess
> > # -FrontPage-
> >
> > Options None
> >
> > <Limit GET POST PUT DELETE>
> > order deny,allow
> > deny from all
> > </Limit>
> > AuthName www.harriette.com
> >
> >
> > [admin web]$ cat _vti_log/.htaccess
> > # -FrontPage-
> >
> > Options None
> >
> > <Limit GET POST PUT DELETE>
> > order deny,allow
> > deny from all
> > </Limit>
> > AuthName www.harriette.com
> >
> >
> > [admin web]$ cat _private/.htaccess
> > # -FrontPage-
> >
> > Options None
> >
> > <Limit GET POST>
> > order deny,allow
> > deny from all
> > allow from all
> > require group site5 admin
> >
> > </Limit>
> > <Limit PUT DELETE>
> > order deny,allow
> > deny from all
> > </Limit>
> > AuthType Basic
> > AuthName www.harriette.com
> >
> >
> > [admin web]$ cat _vti_txt/.htaccess
> > # -FrontPage-
> >
> > Options None
> >
> > <Limit GET POST PUT DELETE>
> > order deny,allow
> > deny from all
> > </Limit>
> > AuthName www.harriette.com
> >
> >
> > [admin web]$ cat _vti_cnf/.htaccess
> > # -FrontPage-
> >
> > Options None
> >
> > <Limit GET POST PUT DELETE>
> > order deny,allow
> > deny from all
> > </Limit>
> > AuthName www.harriette.com
> >
> >
> > [admin web]$ cat _vti_bin/_vti_adm/.htaccess
> > # -FrontPage-
> >
> > Options None
> >
> > <Limit GET POST>
> > order deny,allow
> > deny from all
> > allow from all
> > require group site5 admin
> >
> > </Limit>
> > <Limit PUT DELETE>
> > order deny,allow
> > deny from all
> > </Limit>
> > AuthType Basic
> > AuthName www.harriette.com
> >
> >
> > [admin web]$ cat _vti_bin/_vti_aut/.htaccess
> > # -FrontPage-
> >
> > Options None
> >
> > <Limit GET POST>
> > order deny,allow
> > deny from all
> > allow from all
> > require group site5 admin
> >
> > </Limit>
> > <Limit PUT DELETE>
> > order deny,allow
> > deny from all
> > </Limit>
> > AuthType Basic
> > AuthName www.harriette.com
> >
> >
> > [admin web]$ cat _vti_bin/.htaccess
> > # -FrontPage-
> >
> > Options None
> >
> > <Limit GET POST>
> > order deny,allow
> > deny from all
> > allow from all
> > </Limit>
> > <Limit PUT DELETE>
> > order deny,allow
> > deny from all
> > </Limit>
> > AuthName www.harriette.com
> >
> >
> > [admin web]$
> 
> and here's the listing from /etc/httpd/conf/httpd.conf for the site in
> question on the machine that doesn't ask for the password:
> >
> > <VirtualHost 209.126.128.43>
> > ServerName www.harriette.com
> > ServerAdmin admin
> > ServerAlias harriette.com
> > DocumentRoot /home/sites/site5/web
> >
> > RewriteEngine on
> > RewriteCond %{HTTP_HOST}                !^209.126.128.43(:80)?$
> > RewriteCond %{HTTP_HOST}                !^www.harriette.com(:80)?$
> > RewriteRule ^/(.*)                      http://www.harriette.com/$1 [L,R]
> > RewriteOptions inherit
> > AliasMatch ^/users/([^/]+)(/(.*))? /home/sites/site5/users/$1/web/$3
> > ScriptAlias /_vti_bin/_vti_adm/ /home/sites/site5/web/_vti_bin/_vti_adm/
> > ScriptAlias /_vti_bin/_vti_adm/ /home/sites/site5/web/_vti_bin/_vti_aut/
> > ScriptAlias /_vti_bin/ /home/sites/site5/web/_vti_bin/
> > AliasMatch ^/~([^/]+)(/(.*))? /home/sites/site5/users/$1/web/$3
> > </VirtualHost>
> 
> Please help me with this; it's hard to charge a customer for a system
> that doesn't work.
> 
> Thanks.
> 
> Jeff
> --
> Jeff Lasman <jblists@xxxxxxxxxxxxx>
> nobaloney.net
> P. O. Box 52672
> Riverside, CA  92517
> voice: (909) 787-8589  *  fax: (909) 782-0205

Follow-Ups:
- Re: [cobalt-users] Front Page Passwords Not Required
  - From: Jeff Lasman

References:
- [cobalt-users] Front Page Passwords Not Required
  - From: Jeff Lasman
- Re: [cobalt-users] Front Page Passwords Not Required
  - From: Will DeHaan
- Re: [cobalt-users] Front Page Passwords Not Required
  - From: Jeff Lasman

Prev by Date: [cobalt-users] {raq3} please help //var/lib/rpm/packages.rpm
Next by Date: Re: [cobalt-users] Front Page Passwords Not Required--MORE
Previous by thread: Re: [cobalt-users] Front Page Passwords Not Required
Next by thread: Re: [cobalt-users] Front Page Passwords Not Required

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index