Restrict Access to a Directory - seemingly easy

[bitwise]

I am having a diffcult time getting Apache (2.0.39) to restrict directory access correctly. In httpd.conf I've added this:

<Directory &quot;/usr/local/apache2/htdocs/mystuff&quot;>
AuthType Basic
AuthName &quot;Restricted&quot;
AuthUserFile /etc/htpasswd
Require user guest
</Directory>

Of course &quot;/etc/htpasswd&quot; has guest in it with a valid password. My problem is that when I go the the site. The directory &quot;mystuff&quot; no longer is in the listing!!? I want it to be in the listing I just want to supply a password before accessing it...I don't want it completely gone.

Any thoughts?
Thanks,
-bitwise

 

[Newposter]

Typically you would create an .htaccess and an .htpasswd file to accomplish this, instead of putting the restriction in your httpd.conf file. Newposter
&quot;Good judgment comes from experience. Experience comes from bad judgment.&quot;

 

[bitwise]

Actually, the more secure way is to put restrictions in httpd.conf. The only reason .htaccess is used is on multi-administered webservers where a head administrator wants to give other people ability to restrict specific directories but doesn't want them messing with the httpd.conf file or restarting the webserver. If you are a single person running your own webserver then there is not much of a reason to use .htaccess files as they are less secure.

-bitwise