Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Restrict Directory by httpd file?

Status
Not open for further replies.
rxsid

rxsid

Programmer
Jul 9, 2002
57
US
Hi All,

I'm running apache 2.0.52 on a windows 2003 server. I'd like to restrict a directory when access via a browser.
With IIS, I could set directory security on the virtual site to require authentication via a popup box.

1. Is there something similar when using apache? (require authentication to be typed into a popup box).
2. I don't want to use .htaccess files to restrict directories, I wan't to use the httpd.conf file, but not sure how to secure say with being the root web directory.

Something like:
Code: 
<Directory /[URL unfurl="true"]wwwroot/privateDir>[/URL]
  What would go here to cause a popup authentication for this directory?
</Directory>


Thank you.
 
Sort by date Sort by votes
thanks for the reply.

this is what i tried:
Code: 
<Directory /[URL unfurl="true"]wwwroot/privateDir>[/URL]
AuthType Basic
AuthName "Restricted Files"
AuthUserFile F:/Apache2/var/somepwdfile
Require user someuser
</Directory>
i created the somepwdfile using the htpasswd.exe that came with apache, and tried both with the password SHA encrypted and plain text. i stopped, restarted apache...and still i'm getting the forbidden error:
Code: 
Forbidden
You don't have permission to access /privateDir/ on this server.
did i miss a step?
 
Upvote 0 Downvote
rxsid,

Since this is a Windows Server 2003 box, your <Directory> container and the path to the AuthUserFile needs to have the path specified as a Windows-style path.

Try changing <Directory / to
<Directory F:\path\to\privateDir> and change
AuthUserFile F:/Apache2/var/somepwdfile to
AuthUserFile F:\path\to\somepwdfile



Wishdiak
A+, Network+, Security+, MCSA 2003 certified
 
Upvote 0 Downvote
ok...i got it.

i just didn't have the full path name
Code: 
<Directory F:fullPathto/[URL unfurl="true"]wwwroot/privateDir>[/URL]
 
Upvote 0 Downvote
how ironic...looks like we were posting at the same time.

the only issue was my missing full path name in the <DIRECTORY> line as i indicated...the other with forward slashes is correct.

Thanks!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

spamjim
  • Locked
  • Question
Sorting out NTFS filesystem issues
Replies
0
Views
128
spamjim
spamjim
MCP2000
  • Locked
  • Question
CentOS 6.9, LDAP, Vault, Active Directory
Replies
0
Views
71
MCP2000
MCP2000
jponnusa
  • Locked
  • Question
Connectivity Apache HTTPD &amp; Tomcat7 (AJP Connector)
Replies
0
Views
87
jponnusa
jponnusa
kevinds
  • Locked
  • Question
Help With Per File/Folder Restriction Based on HTTPS Client Certificate's CN
Replies
0
Views
68
kevinds
kevinds
jponnusa
  • Locked
  • Question
Help on Mapping Local Directory for URL
Replies
1
Views
104
SamBones
SamBones

Part and Inventory Search

Sponsor

Back
Top