[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] using htaccess to limit www access to a users directory
- Subject: Re: [cobalt-users] using htaccess to limit www access to a users directory
- From: "Brian Curtis" <admin@xxxxxxxxxxx>
- Date: Wed Sep 20 11:01:21 2000
- Organization: Pomfret Computer Technologies
> The directory is /home/sites/site3/users/joeuser/web
> I created a .htaccess file in the directory I want protected
> the contents are:
>
> # Access file
> order allow, deny
> allow from all
> require valid-user
> Authname protectedsite
> AuthPAM_Enabled off
> Authtype Basic
> AuthUserFile /etc/passwd (to use the system passwd file) I've tried
leaving
> this line off also
First off, I do not believe that the Apache binary on Cobalt hardware has
the proper means to use the system password file. There's a module floating
around that will allow you to do it though.
> Then I created the .htpasswd file using /usr/sbin/htpasswd -c
> /home/sites/site3/users/joeuser/web joeuser
> I was prompted 2 times for the password. When I look in the users Dir
using
> ls -a I see the .htpasswd file and it has the user and encrypted password
in
> it.
Then set the AuthUserFile line to look like this:
AuthUserFile /home/sites/site3/users/joeuser/web
However, having the htpasswd file located in a web accessible directory is
not recommended. Try something like
/home/sites/site3/users/joeuser/.htpasswd (something not Web accessible).
--
BC