On Fri, 18 Apr 2008, Pam Astor wrote: > > Hi, > > I'm trying to password protect one of my web accessable > directories and I can't get .htaccess to work in a Centos 5.1 box > Here's what I did > > I created an .htaccess file with the contents: > > AuthName "Restricted Area" > AuthType Basic > AuthUserFile /home/mysite/.htpasswd > AuthGroupFile /dev/null > require valid-user > > and I uploaded it to the dir I want to protect. Then I created my password > outside of my web dir with the command: htpasswd -c .htpasswd pam > then followed password prompts, created my password. > > So then I go to the site, and am not seeing any password required box, > I can see site without a login. > > So then I figured it's not turned on in apache, and went to httpd.conf and changed > AllowOverride None to AllowOverride AuthConfig > > When I reload, apache will not reload. > > What am I doing wrong? The syntax for auth stuff changed between Apache 2.0 and 2.2 (which is used in CentOS 5). In particular, you'll need a AuthBasicProvider declaration: http://httpd.apache.org/docs/2.2/mod/mod_auth_basic.html#authbasicprovider -- Paul Heinlein <> heinlein at madboa.com <> http://www.madboa.com/