Apache control access doesn't work

Discussion in 'Apache' started by papoon01, Aug 22, 2010.

0
  1. #1
    Hi there,

    I want Apache to prompt for authentication whenever they access to /appl/sms/public_html/secure/data_entry.html.

    I modified /etc/httpd/conf/httpd.conf as per below and restarted the httpd service.

    [root@hkhkgls1088 secure]# service httpd restart
    Stopping httpd: [ OK ]
    Starting httpd: [Fri Aug 20 14:53:04 2010] [warn] The ScriptAlias directive in /etc/httpd/conf/httpd.conf at line 1017 will probably never match because it overlaps an earlier ScriptAlias.
    httpd: Could not reliably determine the server's fully qualified domain name, using hkhkgls1088.hkg-co.hk.dhl.com for ServerName
    [ OK ]
    [root@hkhkgls1088 secure]# ll -a /appl/sms/public_html/secure/apachepw
    -rw-r--r-- 1 root root 21 Aug 20 13:53 /appl/sms/public_html/secure/apachepw
    [root@hkhkgls1088 secure]# vi [root@hkhkgls1088 secure]# ll -a /appl/sms/public_html/secure/apachepw
    VIM - Vi IMproved 7.0 (2006 May 7, compiled Jun 12 2009 07:09:20)


    <Directory "/appl/sms/public_html/secure">
    AuthType Basic
    AuthName "Password Protecting Test Folder"
    AuthUserFile /appl/sms/public_html/secure/apachepw
    require valid-user
    </Directory>

    [root@hkhkgls1088 secure]# ll -a
    total 36
    drwxr-xr-x 2 smsadm smsgrp 4096 Aug 20 14:54 .
    drwxr-xr-x 11 smsadm smsgrp 4096 Jun 24 10:49 ..
    -rw-r--r-- 1 root root 21 Aug 19 22:40 1
    -rw-r--r-- 1 root root 21 Aug 20 13:53 apachepw
    -rw-r--r-- 1 root root 21 Aug 20 13:52 .apachepw
    -rwxrwxrwx 1 smsadm iplanet 13191 Jan 26 2004 data_entry.html

    The directory is under a virtual host.

    However, I can still access to /appl/sms/public_html/secure/data_entry.html without prompting me for logon. Please advise.


    Brdgs,
    Anthony
     
    papoon01, Aug 22, 2010 IP
  2. madaboutlinux

    madaboutlinux Member

    Messages:
    250
    Likes Received:
    7
    Best Answers:
    2
    Trophy Points:
    43
    #2
    Is "/appl/sms/public_html" the DocumentRoot of the domain? And are you looking to password protect the file OR the complete directory?

    The code you stated should be in a .htaccess file under the directory you wish to password protect and the "AuthUserFile" directive should point to the file containing the username/password. The above code will work in a .htaccess file by default if you are looking to password protect a directory on a Linux server.
     
    madaboutlinux, Aug 24, 2010 IP