From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Pam Astor
Sent: Sunday, April 06, 2008 9:59 PM
To: CentOS mailing list
Subject: RE: [CentOS] Apache Authorization Access Control - location ofhtpasswd in Centos 5.1?

> > > > I tried creating a password file by executing htpasswd -c
> > /passwd/passwords
> > > > famsite but apparently htpasswd is not in my path, I’m getting the
> > > > “cannot create file /passwd/passwords famsite” error.
> > >
> > > That rather sounds like the path /passwd/passwords does not exist or
> > is not
> > > writable.
> > >
> >
> > Well, I just tried chomd 777 passwords and still the same problem.
>
> Can you show us what the result of the
>
> ls -l /passwd/passwords
>
> command is?
 
Thanks for asking there, actually the problem has been solved, I deleted the passwords
dir and chmoded 777 the passwd dir and the unsername and password were created
by htpasswd. 
 
chmod to 777 is never a good thing.  I believe the file needs to be owned by root with group ownership to apache at 640.  There are also requirements on the .htaccess file as well.
 
At one time, and it may still be, there was an example in one of the /etc/httpd directories using mysql to do the authentication rather than apache.  It might be a little more secure but not by much if you're not using SSL.
 
 

Pack up or back up–use SkyDrive to transfer files or keep extra copies. Learn how.