httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Steve Matzura <>
Subject Re: [users@httpd] User Authorization Not Working
Date Sun, 01 Feb 2015 22:21:56 GMT
On Sun, 1 Feb 2015 16:27:49 -0500, you wrote:

><Directory /MyDir> either doesn't match or is overridden by a later
>configuration section (including Location)?

If it didn't match, wouldn't httpd -t kick it back as a mismatch? I
had that problem at first when I forgot to create the log directory
for the private area. There are two separate areas, one public, one
private. The public one, which I didn't show, works fine. The private
one, which is the one I did show, does not ask for the password in

>On Sun, Feb 1, 2015 at 2:15 PM, Steve Matzura <> wrote:
>> On Sun, 1 Feb 2015 12:25:52 -0500, you wrote:
>>>Sounds like Satisfy has been set to "Any" somewhere previously. But in
>>>2.4, you should skip Order and Allow and just use Require.
>> I commented out both those directives and restarted. Same thing.
>> Anyone can get in, and no username or password is asked for.
>>>On Sun, Feb 1, 2015 at 11:55 AM, Steve Matzura <>
>>>> Upon re-reading this message, I find there was something about which I
>>>> was extremely unclear and ambiguous. I said that the access to the
>>>> password-protected area wasn't working, but failed to specify just
>>>> what wasn't working. The problem is that Apache isn't asking for the
>>>> password, and letting anyone browse this directory. Sorry for having
>>>> inadvertently omitted this major piece of information.
>>>> On Sat, 31 Jan 2015 13:23:06 -0500, you wrote:
>>>>>I maintain a 2.2 server and am building a 2.4 one. I have a file in a
>>>>>sites-enabled directory containing all the directives I need to define
>>>>>security for my open and password-protected directories. There is an
>>>>>"include" directive in the master configuration file
>>>>>/etc/httpd/conf/httpd.conf. httpd -t tells me the syntax is OK. I know
>>>>>it's reading the included config file because there was an error in it
>>>>>which 'httpd -t' found and which I fixed. The open-access area works
>>>>>fine, but the password-protected one doesn't. Here's the "Directory"
>>>>>block for the non-working one, with pathnames replaced with the
>>>>>generic "MyDir":
>>>>><Directory /MyDir>
>>>>>                Options Indexes FollowSymLinks MultiViews
>>>>>                AllowOverride None
>>>>>                Order allow,deny
>>>>>                allow from all
>>>>>               AuthType Basic
>>>>>               AuthName "My Area"
>>>>>               AuthBasicProvider file
>>>>>               AuthUserFile /MyDir/.htpasswd
>>>>>               require valid-user
>>>>>        </Directory>
>>>>>Any thoughts greatly appreciated, with my thanks in advance.
>>>>>To unsubscribe, e-mail:
>>>>>For additional commands, e-mail:
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail:
>>>> For additional commands, e-mail:
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail:
>> For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message