If ~user has 700 permissions, this won't work. (Assuming httpd is NOT running as root. If you are running it as root, you have other things to worry about . . .) I, on the other hand, don't like having a daemon that can be compromised (ie, httpd or Apache) having access to my files. Web content is another story. George Patrick Fleming EA wrote: > > On Tue, 1 Oct 2002, George Toft wrote: > > > You need a .htpasswd file in that directory also. You are using the > > htpasswd command, so where is your .htpasswd file? Find it, and move it > > to /var/www/html/test > > > > George > > I partly agree... > AuthUserFile ~user/.htpasswd > > I don't like this file in a potentially web accessible location. > I ended up setting: > AllowOverride AuthConfig > *and* > > AllowOverride AuthConfig > > > to get this to work after upgrading apache(to 2.0.36) recently. I don't > remember which one caused the problem. > > > > > > > > > Anthony Hologounis wrote: > > > > > > I have a RH7.2 box with apache 1.3.22. > > > > > > /var/www/html is where the html docs live > > > > > > /var/www/html/test is the directory I want to protect > > > > > > I created a user file in my home directory ~/user > > > > > > I use htpasswd -c ~user someone to populate the access file > > > > > > There is an .htaccess file in /var/www/html/test > > > > > > it looks like this > > > > > > AuthName "restricted stuff" > > > AuthType Basic > > > AuthUserFile ~/user > > > > > > require valid-user > > > > > > It quite simply does not work. > > > > > > I read the docs here http://www.apacheweek.com/features/userauth and > > > here http://www.redhat.com/support/resources/faqs/RH-apache-FAQ/c135.html > > > > > > I have tried this in the httpd.conf file > > > > > > # This controls which options the .htaccess files in directories can > > > # override. Can also be "All", or any combination of "Options", "FileInfo", > > > # "AuthConfig", and "Limit" > > > > > > ###AllowOverride None this didn't work > > > ###AllowOverride AuthConfig this didn't work either > > > > > > and yes, I removed the hashes when I tested it. > > > > > > I didn't think it would be this much of a pain.....aarrgh > > > > > > Anthony > > > > > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > > > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > > > To subscribe, unsubscribe, or to change you mail settings: > > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > > To subscribe, unsubscribe, or to change you mail settings: > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > > > -- > Patrick Fleming, EA > http://myhdvest.com/patrickfleming > Licensed to represent taxpayers > before Exam, Appeals, and Conference > divisions of the IRS > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change you mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss