httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Lad.G...@cle.philips.com
Subject Re: MS Word, .htaccess & Passwords
Date Tue, 04 Jun 2002 13:19:31 GMT

First off, I want to thank you for taking the time to answer my questions.
I thought I was pretty good at figuring stuff out until this MS curse.

After I modify the .htaccess file with the file exclusion directive, the
error log states:
[Tue Jun  4 07:24:59 2002] [alert] [client 123.54.232.18] /usr/local/httpd/html/.htaccess:
allow not allowed here
[Tue Jun  4 07:24:59 2002] [alert] [client 123.54.232.18] /usr/local/httpd/html/.htaccess:
allow not allowed here

Which is the same is I change from Basic authentication to Digest, that's another story.....

Alias did not have an effect. I placed this line immediately after the alias statement for
/icons/
Alias /home/trip/_vti_inf.html "/usr/local/httpd/html/_vti_inf.html"   #per the script the
syntax should be Alias fakename realname
The access log still said the same:
123.54.232.18 - - [04/Jun/2002:09:00:19 -0400] "GET /~trip/c02-030.doc HTTP/1.1" 304 -
123.54.232.18 - - [04/Jun/2002:09:00:19 -0400] "OPTIONS /~trip HTTP/1.1" 301 246
123.54.232.18 - - [04/Jun/2002:09:00:19 -0400] "GET /_vti_inf.html HTTP/1.1" 401 409

So then I added the
<files _vti_inf.html>
   Allow from all
   Satisfy Any
   </files>
directive into the conf file immediately below the directive to hide the .htaccess from browsers.

The result in the access log was:
123.54.232.18 - - [04/Jun/2002:09:06:30 -0400] "GET /~trip/c02-033.doc HTTP/1.1" 304 -
123.54.232.18 - - [04/Jun/2002:09:06:30 -0400] "OPTIONS /~trip HTTP/1.1" 301 246
123.54.232.18 - - [04/Jun/2002:09:06:30 -0400] "GET /_vti_inf.html HTTP/1.1" 404 219
123.54.232.18 - - [04/Jun/2002:09:06:30 -0400] "POST /_vti_bin/shtml.exe/_vti_rpc HTTP/1.1"
401 409
123.54.232.18 - - [04/Jun/2002:09:06:33 -0400] "GET /~trip/c02-033.doc HTTP/1.1" 304 -

Which is getting a little further!

I then tried to add another files directive underneath the above, as such:
<files _vti_bin/shtml.exe/_vti_rpc>
Allow from all
Satisfy any
</files>

The results are same as above in the logs. No further progress.

So what does batman do now?? I'm really starting to dislike software from Seattle!

Tx





Joshua Slive <joshua@slive.ca> on 06/03/2002 05:16:19 PM

Please respond to users@httpd.apache.org

To:   users@httpd.apache.org
cc:

Subject:  Re: MS Word, .htaccess & Passwords



On Mon, 3 Jun 2002 Lad.Gaal@cle.philips.com wrote:
> Well neither of these approaches worked. I tried including the <files>
into
> my .htaccess file, but then I received an internal server error when
trying
> to access the directory (500 544).

What does the error log say?

> So I tried the alias aspect. After this
> thing looks for the _vti_inf.html file, it then tries to post to
> /_vti_bin/shtml.exe/_vti_rpc and i could not get alias to get around this
> area.

Why not?  What did you try?

>
> Now that I'm totally unsure is this the correct way of doing the
.htaccess,
> never messed with this?
> AuthName "Office Users"
>   AuthType Basic
>   AuthUserFile /usr/local/foo/users
>
>   <files _vti_inf.html>
>   Allow from all
>   Satisfy Any
>   </files>
>
>   require valid-user

Looks OK.

Joshua.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org








---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message