Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

htaccess problem

Status
Not open for further replies.
jimberger

jimberger

Programmer
Jul 5, 2001
222
GB
hi all,

I am trying to secure a part of my web server. I have a directory called /confidential. I want anyone with a valid password to get access to this directory. I have a location tag in apache which validates against a valid user. However, i have other directories within this directory that i only want to limit to certain people. I am using .htaccess files for this purpose. I have a directory tag on the /confidential directory which has the allow overides directive on. This should allow .htaccess to overide. However, what happens is that people are validated when they enter the /confidential directory - which is good - however if they go on to access a sub-directory when they are not named in the .htaccess file - they still have access! Does anyone understand whats going on here?

thanks for your time

jim
 
Sort by date Sort by votes
Hi,

Apache will look for .htaccess files in the specific sub-directory and all parent directories up to /. It works in such a way that the lower down the directory tree the files are the more they override higher equivalent entries. So, if you don't have a .htaccess file in a sub-directory it will 'inherit' the rules from the parent directory or directories. Not too sure from what you say but this might be the problem.

Regards

 
Upvote 0 Downvote
thanks for the reposnse ian. I think you have a understanding of apache but dont quiet understand my problem. In theory, my web server should authenticate against the .htaccess files in the sub directorys but it dosent it authenticates against the location tag which is on the parent directory.
 
Upvote 0 Downvote
Hi,

Hmmm - well the location tag references a url and not necessarily a directory. A bit of digging reveals that the order of evaluation is such that Location and LocationMatch are done last which means that those directives override directives in all other containers insofar as a URL is concerned. Also, if a directive in a <Location> container directly conflicts with the same directive in either a <Directory> (.htaccess) or <Files> container , the directive in the <Location> container will override the others.

See --> .

Regards
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Krus1972
  • Locked
  • Question
Rewrite Rule for .htaccess Help
Replies
0
Views
278
Krus1972
Krus1972
TSch
  • Locked
  • Question
Problem with NFS automount
Replies
1
Views
157
iggsterman
iggsterman
tyutghf
  • Locked
  • Question
htaccess password protect website
Replies
1
Views
131
feherke
feherke
Agent0007
  • Locked
  • Question
Problem Configuring Kerberos
Replies
0
Views
204
Agent0007
Agent0007
audiopro
  • Locked
  • Question
.htaccess problem
Replies
6
Views
165
audiopro
audiopro

Part and Inventory Search

Sponsor

Back
Top