Solved

enable .htaccess files within ssl.conf

Posted on 2004-10-18
3
1,238 Views
Last Modified: 2008-03-17
i'm trying to use htaccess files on my secure site but i can't get them to work, i was hoping someone could tell me how to edit the file to allow a subdirectory to be password protected

i.e.  html/secure_dir/


my ssl.conf file roughly looks like this

<IfDefine SSL>
Listen 443

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl

#   Pass Phrase Dialog:
#   Configure the pass phrase gathering process.
#   The filtering dialog program (`builtin' is a internal
#   terminal dialog) has to provide the pass phrase on stdout.
SSLPassPhraseDialog  builtin

#   Inter-Process Session Cache:
#   Configure the SSL Session Cache: First the mechanism
#   to use and second the expiring timeout (in seconds).
#SSLSessionCache        none
#SSLSessionCache        shmht:logs/ssl_scache(512000)
#SSLSessionCache        shmcb:logs/ssl_scache(512000)
SSLSessionCache         dbm:logs/ssl_scache
SSLSessionCacheTimeout  300

#   Semaphore:
#   Configure the path to the mutual exclusion semaphore the
#   SSL engine uses internally for inter-process synchronization.
SSLMutex  file:logs/ssl_mutex

SSLRandomSeed startup builtin
SSLRandomSeed connect builtin


<VirtualHost XXX.XXX.XXX.XXX:443>

#  General setup for the virtual host

DocumentRoot "/usr/local/apache/domain/html"
ServerName www.domain.com:443
ServerAdmin admin@domain.com
ErrorLog /usr/local/apache/domain/logs/ssl_error_log
TransferLog /usr/local/apache/domain/logs/ssl_access_log

.....
certificate crap
.....

<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars +
</Files>

SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

</IfDefine>
0
Comment
Question by:philjones85
  • 2
3 Comments
 
LVL 13

Accepted Solution

by:
gripe earned 500 total points
ID: 12341041
Do you have an AllowOverride directive set to 'none' somewhere in your config that is cascading down to your Virtual hosts? You may need to set a <Directory> block and 'AllowOverride all' (or whatever .htaccess directives you'd like to allow) on the directory you want to use.
0
 
LVL 13

Expert Comment

by:gripe
ID: 12341058
Here is an example of how to configure an .htaccess file to allow for authentication:

AuthType Basic
AuthName "Password Required"
AuthUserFile /www/passwords/password.file
AuthGroupFile /www/passwords/group.file
Require Group admins

Note that you must use htpasswd to set up your password file with the appropriate users.

What is the problem you're seeing exactly? Could you post the contents of the .htaccess file you're trying to use?

0
 
LVL 6

Author Comment

by:philjones85
ID: 12341480
i haven't seen any documentation that adds directories to the ssl.conf file, i didn't know you could do that.

that was the problem though, i added:

<Directory "/">
        AllowOverride All
        Options FollowSymLinks
        Order allow,deny
        Allow from all
</Directory>

to the ssl.conf file and it works fine now, thanks.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hi, in this article I'm going to teach you how to run your own site, and how to let people in (without IP). I'll talk about and explain each step... :) By the way, everything in this Tutorial is completely free and legal. This article is for …
It is possible to boost certain documents at query time in Solr. Query time boosting can be a powerful resource for finding the most relevant and "best" content. Of course the more information you index, the more fields you will be able to use for y…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question