On Friday 24 August 2001 9:13 pm, Daniel Woodard wrote:
I did as shown below, no different than what I've been doing and the same
error after three failed log-ins. This example does place .htaccess and
.htpasswd in the same directory- I have them in different directories
before, but it still acts the same.
No example ever mentions permissions, nor have I seen too many set-up more
complicated than these example set-ups.
If it's not file permissions (ie the server can't access .htpasswd or
something) than am I missing something from the install because I did a
minimal install and added just a few things to get the web server and ssh
working.
What's frustrating is that it seem's like it works/behaves corrrectly in
everything but verifying the password.
This is supposed to be real easy right? I don't see to much fuss in deja or
geocrawler, so I guess for the most part it's set the files and go! I'm not
so lucky I guess.
Could be one of two things:
1. User overrides are disabled. .htaccess is therefore ignored. Check
httpd.conf to see if it's disabled:
<Directory />
AllowOverride None
Options None
allow from all
</Directory>
2. Security for the server's DocumentRoot is strict.
Look for:
# This should be changed to whatever you set DocumentRoot to.
#
...
# This controls which options the .htaccess files in directories can
# override. Can also be "All", or any combination of "Options", "FileInfo",
# "AuthConfig", and "Limit"
#
AllowOverride None
You need to change the "None" to "All" in both instances, or AllowOverride
FileInfo AuthConfig Limit, which is common for home directories.
Here's a snippet from the Apache manual on AllowOverride:
AllowOverride directiveSyntax: AllowOverride All|None|directive-type
[directive-type] ...
Default: AllowOverride All
Context: directory
Status: core
When the server finds an .htaccess file (as specified by AccessFileName) it
needs to know which directives declared in that file can override earlier
access information.
When this directive is set to None, then .htaccess files are completely
ignored. In this case, the server will not even attempt to read .htaccess
files in the filesystem. <-- I think this is what's happening, M.
When this directive is set to All, then any directive which has the .htaccess
Context is allowed in .htaccess files.
The directive-type can be one of the following groupings of directives.
AuthConfig
Allow use of the authorization directives (AuthDBMGroupFile, AuthDBMUserFile,
AuthGroupFile, AuthName, AuthType, AuthUserFile, Require, etc.).
FileInfo
Allow use of the directives controlling document types (AddEncoding,
AddLanguage, AddType, DefaultType, ErrorDocument, LanguagePriority, etc.).
Indexes
Allow use of the directives controlling directory indexing (AddDescription,
AddIcon, AddIconByEncoding, AddIconByType, DefaultIcon, DirectoryIndex,
FancyIndexing, HeaderName, IndexIgnore, IndexOptions, ReadmeName, etc.).
Limit
Allow use of the directives controlling host access (Allow, Deny and Order).
Options
Allow use of the directives controlling specific directory features (Options
and XBitHack).
(http://httpd.apache.org/docs-2.0/mod/core.html)
M