I'm having difficulty getting apache to require authentication using .htaccess for a virtual host with the directory any deeper than one level. Setup: Apache SuExec, FastCGI .htaccess 'require valid-user' works fine on the top level directory. (I get a password prompt when the relevant lines are in .htaccess) .htaccess 'require valid-user' breaks in the 2nd level directory, but when I remove the 'require valid-user' line, I can access the proper files under the 2nd level directory just fine.. So I know it's reading the .htaccess file... I'm also not seeing any errors in the apache logs... owner of all files and directories is the proper user, and they are mode: 755 .htaccess of the top level directory: << # For security reasons, Option followsymlinks cannot be overridden. #Options +FollowSymlinks Options +SymLinksIfOwnerMatch RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php?q=$1 [L,QSA] # THIS WORKS AuthType Basic AuthName "realm" AuthUserFile "PATH-TO-HTPASSWD-IN-2ND-LEVEL-DIR/.htpasswd" require valid-user >> .htaccess of the 2nd level directory: << # THIS DOESN'T WORK, I'M NEVER PROMPTED FOR A PASSWORD AuthType Basic AuthName "realm" AuthUserFile "PATH-TO-HTPASSWD-IN-2ND-LEVEL-DIR/.htpasswd" require valid-user >> Any ideas? TIA
Hello there, Check the server logs for calls to the .htaccess file, and see if there are any errors associated with it. If you don't have access to the server logs, I suggest contacting your host regarding this problem, and see what they have to say. Chris
Thanks for the idea.. I have looked at the server logs: 'error_log'. and there's no errors.. Also, I've verified that if I take off the 'require valid-user' line, the .htaccess file is actually read and honored.. (the rewrite rules are taking effect)... but with the 'require valid-user' line.. the rewrite rules aren't working, so something is going wrong.. but no errors in the logs..