Httpd – What’s the equivalent of in .htaccess

apache-2.2httpd

I'm setting up Trac, and want to password protect the login page, as suggested here. I'm on a shared hosting setup, so I can't modify the httpd.conf, I have to use .htacces. How do I restrict just the login page without restricting other pages? The Trac docs suggest:

<Location "/trac/login">
  AuthType Basic
  AuthName "Trac"
  AuthUserFile /somewhere/trac.htpasswd
  Require valid-user
</Location>

But the Location tag is only for httpd.conf, it doesn't work in .htaccess. How can I get the same effect? There's no "login" directory to put a .htaccess file into, it needs to go into the main trac directory.

Best Answer

This is just a guess, but can you place that in a .htaccess file, minus the <Location> and </Location> tags, inside the /trac/login directory?

Also, be sure to have your htpasswd file outside the document root (commonly public_html) otherwise it can be downloaded and cracked.

Related Solutions

Centos – WebDAV on CentOS – getting 403 error when attempt to upload

I recently struggled with the same problem on my Fedora 10 system. In my case the culprit was some odd redirection that I was doing in Apache. Specifically, I use a content management system (Drupal, to be exact) that within it's .htaccess includes the following redirection logic to redirect missing files to a PHP script:

# Rewrite URLs of the form 'x' to the form 'index.php?q=x'.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]

It makes sense that the above only affects the PUT method since in that case REQUEST_FILENAME does not exist.

Not having the WebDAV area inside of the Drupal area, which seems like a reasonable constraint, fixes the problem.

Also, I think it is likely that SELinux would result in a different error, but it's not mentioned in the discussion above. Did you try disabling SELinux?

How to change Document Root for Apache2 in Mac OS X

The httpd.conf file provided with OS X has a default deny that locks down every directory from every client. It then allows access to the DocumentRoot directory — that would be the default of /Library/WebServer/Documents. Page down some in that file and you'll see:

<Directory "/Library/WebServer/Documents">
    # [...]
    Options Indexes FollowSymLinks MultiViews

    # [...]
    AllowOverride None

    # [...]
    Order allow,deny
    Allow from all

</Directory>

Change the "/Library/WebServer/Documents" bit to "/webcontent" and you're good.

Best Answer

Related Solutions

Centos – WebDAV on CentOS – getting 403 error when attempt to upload

How to change Document Root for Apache2 in Mac OS X

Related Topic