Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: HTTP Basic Auth not Working |
|
| Author |
|
Moe5000
Joined: 11 May 2023
Posts: 1
|
 Posted: Sun 28 May '23 21:34 Post subject: HTTP Basic Auth not Working |
 |
|
We (small company) have Apache set up with various .conf files, mostly to run rewrite rules, but we also use other features. I'm trying to use HTTP "Basic Auth" to restrict filesystem access to a particular directory via:
| Code: | <Directory "/var/www/forums">
Require all denied
AllowOverride None
</Directory> |
but it doesn't seem to work. Access is still allowed, after restarting Apache. There are no other <Directory> declarations at or beneath this directory, and my understanding is that even if there were ones above it (I don't see any others at all), this would override them. I placed the above directive at the outer level of the .conf file, not inside a <VirtualHost> declaration, though we do have several <VirtualHost> declarations.
Curiously, if I use a <Location> directive instead, that works, but that directive is documented as not being recommended if you're actually trying to restrict access to a particular filesystem directory, since multiple URL paths may route to the same directory.
I can't provide the .conf file itself as it contains too much proprietary information, but if I've left out some other critical information required to answer my question, I'd be glad to provide it.
Apache/2.4.6 (CentOS)
CentOS Linux release 7.9.2009 (Core) |
|
| Back to top |
|
|
|
|
|
|
