[techtalk] .htaccess problem
Almut Behrens
almut_behrens at yahoo.com
Sat May 26 08:59:43 EST 2001
On Fri, May 25, 2001 at 09:19:11PM -0700, terry wrote:
> I'm trying to enable passwords for access to
> my apache webserver.
> <config snipped>
> I get the following error:
>
> Internal Server Error
>
> The server encountered an internal error or misconfiguration and was
> unable to complete your request.
>
> Please contact the server administrator, root at localhost and inform them
> of the time the error occurred, and anything
> you might have done that may have caused the error.
>
> More information about this error may be available in the server error
> log.
... not meant to be a RTFM (M = message, here ;), but what's the
error_log saying?
At first sight, I can't see anything being wrong with your configuration.
Usual stupid question: have you checked file permissions? (need to be
at least readable by UID webserver is running under)
Two more notes:
(1) are you sure you really want an .htaccess file here -- putting the
respective auth-directives in <Directory> would work too. Does
the access/authentication need to be run-time configurable?
(This is a performance aspect only -- things do work with .htaccess
equally)
(2) -- cut 'n pasted from the manual:
"Security: make sure that the AuthUserFile is stored outside the
document tree of the web-server; do not put it in the directory that it
protects. Otherwise, clients will be able to download the AuthUserFile."
(reason is the same that shadow passwords were invented for *nix)
- Almut
More information about the Techtalk
mailing list