Solved

enable .htaccess files within ssl.conf

Posted on 2004-10-18
3
1,247 Views
Last Modified: 2008-03-17
i'm trying to use htaccess files on my secure site but i can't get them to work, i was hoping someone could tell me how to edit the file to allow a subdirectory to be password protected

i.e.  html/secure_dir/


my ssl.conf file roughly looks like this

<IfDefine SSL>
Listen 443

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl

#   Pass Phrase Dialog:
#   Configure the pass phrase gathering process.
#   The filtering dialog program (`builtin' is a internal
#   terminal dialog) has to provide the pass phrase on stdout.
SSLPassPhraseDialog  builtin

#   Inter-Process Session Cache:
#   Configure the SSL Session Cache: First the mechanism
#   to use and second the expiring timeout (in seconds).
#SSLSessionCache        none
#SSLSessionCache        shmht:logs/ssl_scache(512000)
#SSLSessionCache        shmcb:logs/ssl_scache(512000)
SSLSessionCache         dbm:logs/ssl_scache
SSLSessionCacheTimeout  300

#   Semaphore:
#   Configure the path to the mutual exclusion semaphore the
#   SSL engine uses internally for inter-process synchronization.
SSLMutex  file:logs/ssl_mutex

SSLRandomSeed startup builtin
SSLRandomSeed connect builtin


<VirtualHost XXX.XXX.XXX.XXX:443>

#  General setup for the virtual host

DocumentRoot "/usr/local/apache/domain/html"
ServerName www.domain.com:443
ServerAdmin admin@domain.com
ErrorLog /usr/local/apache/domain/logs/ssl_error_log
TransferLog /usr/local/apache/domain/logs/ssl_access_log

.....
certificate crap
.....

<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars +
</Files>

SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

</IfDefine>
0
Comment
Question by:philjones85
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 13

Accepted Solution

by:
gripe earned 500 total points
ID: 12341041
Do you have an AllowOverride directive set to 'none' somewhere in your config that is cascading down to your Virtual hosts? You may need to set a <Directory> block and 'AllowOverride all' (or whatever .htaccess directives you'd like to allow) on the directory you want to use.
0
 
LVL 13

Expert Comment

by:gripe
ID: 12341058
Here is an example of how to configure an .htaccess file to allow for authentication:

AuthType Basic
AuthName "Password Required"
AuthUserFile /www/passwords/password.file
AuthGroupFile /www/passwords/group.file
Require Group admins

Note that you must use htpasswd to set up your password file with the appropriate users.

What is the problem you're seeing exactly? Could you post the contents of the .htaccess file you're trying to use?

0
 
LVL 6

Author Comment

by:philjones85
ID: 12341480
i haven't seen any documentation that adds directories to the ssl.conf file, i didn't know you could do that.

that was the problem though, i added:

<Directory "/">
        AllowOverride All
        Options FollowSymLinks
        Order allow,deny
        Allow from all
</Directory>

to the ssl.conf file and it works fine now, thanks.
0

Featured Post

Guide to Performance: Optimization & Monitoring

Nowadays, monitoring is a mixture of tools, systems, and codes—making it a very complex process. And with this complexity, comes variables for failure. Get DZone’s new Guide to Performance to learn how to proactively find these variables and solve them before a disruption occurs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
tomcat7  URL keeps resolving to https instead of HTTP 4 75
Zipping many files freeze my whole server through php 5 79
file path 14 75
mod_rewrite # anchor problem. 6 51
In my time as an SEO for the last 2 years and in the questions I have assisted with on here I have always seen the need to redirect from non-www urls to their www versions. For instance redirecting http://domain.com (http://domain.com) to http…
If you are running a LAMP infrastructure, this little code snippet is very helpful if you are serving lots of HTML, JavaScript and CSS-related information. The mod_deflate module, which is part of the Apache 2.2 application, provides the DEFLATE…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question