Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

.htaccess question

30 views
Skip to first unread message

sam

unread,
Nov 7, 2009, 11:26:37 AM11/7/09
to
I have a fresh install of Slackware 13.

I get .htaccess to work on all directories EXCEPT
the htdocs web directory. Apache just seems to ignore
it when its there. Any thoughts?

Thanks,

s

Morten L

unread,
Nov 7, 2009, 12:29:36 PM11/7/09
to

Se in /etc/httpd/httpd.conf:

<Directory "/srv/httpd/htdocs">
...
# AllowOverride controls what directives may be placed in
# .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None
...
</Directory>


--
Morten L

sam

unread,
Nov 7, 2009, 12:42:37 PM11/7/09
to
In article <slrnhfbbk0.f...@ml4.langlo.lokal>,
ml47s...@gspmailam.com says...

Yes, that's my current setting. .htaccess works for users
in my HOME directory, but not in the htdocs directory.

s

Morten L

unread,
Nov 7, 2009, 3:49:11 PM11/7/09
to

You are supposed to CHANGE that setting. "None" means, that you
are not allowed to have any directives in .htaccess for that
directory!


--
Morten L

Joseph Rosevear

unread,
Nov 7, 2009, 7:12:33 PM11/7/09
to

> Thanks,

> s

Sam,

I am interested in this question, because I'm interested in the problem
of configuring httpd.conf. The httpd.conf file is *big*, and I'm still
learning about how to configure it for various purposes.

I start with the unchanged file that is supplied with Slackware 12.0.
(I'm using 12.0, by the way.) I have saved this file (unchanged) to a
handy location for reference.

Then I make changes to the original file as needed to meet my purpose.
This has been a difficult process to learn what changes I need.
Currently I want Apache to

run Php
relocate my Document Root
use .htaccess

and maybe some other purposes.

What you're doing is just the last purpose "use.htaccess", so I tried
to get that to work with a minimum of changes to the original
httpd.conf file.

I got it to work with just one change to the original httpd.conf file,
and it wouldn't work without the change, so I guess I did what I
intended. Anyway it is the same change that Morten seemed to be
writing about. Here is a piece of the changed httpd.conf file that
includes my change. My change is near the end of this and marked with
"JHR":

vvv
<Directory "/srv/httpd/htdocs">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI
# MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options
# All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please
# see
# http://httpd.apache.org/docs/2.2/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks

#
# AllowOverride controls what directives may be placed in .htaccess
# files.


# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#

# JHR 091107
# AllowOverride None
AllowOverride All
^^^

As long as I'm documenting what I did, here is the .htaccess file that
I put in /srv/httpd/htdocs:

vvv
AuthType Basic
AuthName "By Invitation Only"
AuthUserFile /srv/httpd/htdocs/.htpasswd
Require user cha2
^^^

I gave it permissions 644 root:root (rw-r--r--, owned by root and in
group root). I also made a .htpasswd file in /srv/httpd/htdocs like
this (as root):

htpasswd -c .htpasswd cha2

It ended up with the same permissions (644 root:root). "cha2" is the
username. htpasswd prompted me for a password which I supplied.

Of course, you need to tell Apache to use the changed httpd.conf file.
I did that with this command (as root):

/usr/sbin/apachectl restart

And, because my browser (Konqueror) remembers authentication of this
kind (I don't know why--all browsers seem to do this), I quit and
restarted my web browser to get a clean test.

After doing all this I had working password protection for the example
web page that is at /srv/httpd/htdocs on my system. The protection
worked for the Document Root (http://localhost) and for a test web page
that I made (http://localhost/test/index.html).

Without the change to httpd.conf (after re-running "apachectl restart"
and quitting and restarting the browser). I got no password protection
in the Document Root or for the test web page.

So I wasn't able to recreate your experience of only Document Root not
having password protection. Hmmm.

Hope this helps.

I went the extra mile (five miles?) here with a long explanation,
because I think this is important. I'm not aware of any good
documentation about this anywhere. If anyone wants to add to or
correct what I wrote above, feel free to do so.

-Joe

Joseph Rosevear

unread,
Nov 7, 2009, 7:22:34 PM11/7/09
to
Joseph Rosevear <j...@max.hopto.org> wrote:
> sam <nos...@nospam.spam> wrote:

[snip]

> Sam,

> I am interested in this question, because I'm interested in the problem
> of configuring httpd.conf. The httpd.conf file is *big*, and I'm still
> learning about how to configure it for various purposes.

[snip]

> After doing all this I had working password protection for the example
> web page that is at /srv/httpd/htdocs on my system. The protection
> worked for the Document Root (http://localhost) and for a test web page
> that I made (http://localhost/test/index.html).

> Without the change to httpd.conf (after re-running "apachectl restart"
> and quitting and restarting the browser). I got no password protection
> in the Document Root or for the test web page.

I need to explain before anyone catches me on this. My test web page
had its own .htaccess and .htpasswd files made in the same way. The
.htaccess file was slightly different to reflect the different location
of the .htpasswd file, and I used a different username, "cha3".

-Joe

0 new messages