I have a web server with authenticated access to it. I want to create a sub-directory /public with unauthenticated access, as I want it to be viewed publicly. Currently in my httpd.conf I have the following. <Directory /> AuthName "Enter Username and Password to continue" Authtype Basic AuthUserFile /server/www/.htpasswd Require valid-user Options FollowSymLinks AllowOverride None Order deny,allow Deny from all </Directory> <Directory "/server/www/htdocs"> #Document Root Options FollowSymLinks Order allow,deny Allow from all </Directory> <Directory "/server/www/htdocs/public"> #Public Directory Options FollowSymLinks AllowOverride None Order Allow,Deny Allow from All ##### Need something else in here ##### </Directory> Whenever I visit a page in the /public directory it still asks for authorisation. Is there any directive I can add to the public directory section to remove the authorisation? I was thinking of AuthType or Require, but they don't seem to have an option "none". cheers BD
Have you tried putting a .htaccess file within the "public" directory, and just putting: allow from all Code (markup): in it. This did the trick for me. Jay
No that didn't work. I changed the AllowOverride to All, then put in the .htaccess file, but no change. I'm trying not to use the .htaccess file so I don't take a performance hit, as everything in an .htaccess file can be put in httpd.conf
I figured it out. I needed to use the Satisfy directive. so the Satisfy directive overrides the Require directives in the protected directories higher up. e.g. <Directory /path/to/protected/unprotected> # All access controls and authentication are disabled # in this directory Satisfy Any Allow from all </Directory> Code (markup):