Solved

enable .htaccess files within ssl.conf

Posted on 2004-10-18
3
1,222 Views
Last Modified: 2008-03-17
i'm trying to use htaccess files on my secure site but i can't get them to work, i was hoping someone could tell me how to edit the file to allow a subdirectory to be password protected

i.e.  html/secure_dir/


my ssl.conf file roughly looks like this

<IfDefine SSL>
Listen 443

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl

#   Pass Phrase Dialog:
#   Configure the pass phrase gathering process.
#   The filtering dialog program (`builtin' is a internal
#   terminal dialog) has to provide the pass phrase on stdout.
SSLPassPhraseDialog  builtin

#   Inter-Process Session Cache:
#   Configure the SSL Session Cache: First the mechanism
#   to use and second the expiring timeout (in seconds).
#SSLSessionCache        none
#SSLSessionCache        shmht:logs/ssl_scache(512000)
#SSLSessionCache        shmcb:logs/ssl_scache(512000)
SSLSessionCache         dbm:logs/ssl_scache
SSLSessionCacheTimeout  300

#   Semaphore:
#   Configure the path to the mutual exclusion semaphore the
#   SSL engine uses internally for inter-process synchronization.
SSLMutex  file:logs/ssl_mutex

SSLRandomSeed startup builtin
SSLRandomSeed connect builtin


<VirtualHost XXX.XXX.XXX.XXX:443>

#  General setup for the virtual host

DocumentRoot "/usr/local/apache/domain/html"
ServerName www.domain.com:443
ServerAdmin admin@domain.com
ErrorLog /usr/local/apache/domain/logs/ssl_error_log
TransferLog /usr/local/apache/domain/logs/ssl_access_log

.....
certificate crap
.....

<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars +
</Files>

SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

</IfDefine>
0
Comment
Question by:philjones85
  • 2
3 Comments
 
LVL 13

Accepted Solution

by:
gripe earned 500 total points
Comment Utility
Do you have an AllowOverride directive set to 'none' somewhere in your config that is cascading down to your Virtual hosts? You may need to set a <Directory> block and 'AllowOverride all' (or whatever .htaccess directives you'd like to allow) on the directory you want to use.
0
 
LVL 13

Expert Comment

by:gripe
Comment Utility
Here is an example of how to configure an .htaccess file to allow for authentication:

AuthType Basic
AuthName "Password Required"
AuthUserFile /www/passwords/password.file
AuthGroupFile /www/passwords/group.file
Require Group admins

Note that you must use htpasswd to set up your password file with the appropriate users.

What is the problem you're seeing exactly? Could you post the contents of the .htaccess file you're trying to use?

0
 
LVL 6

Author Comment

by:philjones85
Comment Utility
i haven't seen any documentation that adds directories to the ssl.conf file, i didn't know you could do that.

that was the problem though, i added:

<Directory "/">
        AllowOverride All
        Options FollowSymLinks
        Order allow,deny
        Allow from all
</Directory>

to the ssl.conf file and it works fine now, thanks.
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Introduction As you’re probably aware the HTTP protocol offers basic / weak authentication, which in combination with the relevant configuration on your web server, provides the ability to password protect all or part of your host.  If you were not…
Over the last year I have answered a couple of basic URL rewriting questions several times so I thought I might as well have a stab at: explaining the basics, providing a few useful links and consolidating some of the most common queries into a sing…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now