I would like to restrict access to files accessed via http. I am using DOT 7.2. First I configured standard http services - everything is running smoothly. My settings:
httpd.access legacy httpd.admin.access legacy httpd.admin.enable off httpd.admin.hostsequiv.enable off httpd.admin.max_connections 1023 httpd.admin.ssl.enable on httpd.autoindex.enable off httpd.enable on httpd.log.format common httpd.method.trace.enable off httpd.rootdir /vol/docs httpd.timeout 300 httpd.timewait.enable off
/vol/docs is dedicated for http access FlexVol with ntfs access rights filer is configured also for CIFS in workgroup mode). Now I try to limit access to the services - one dedicated user and standard authentication is enough. In accordance to documentation I have prepared the following files:
/etc/httpd.passwd psuser:_J9..PYJ.MWfkaOhMiFc
/etc/httpd.group psgroup:psuser
/etc/httpd.access <Directory /vol/docs/> AuthName Dokumentacja PS <Limit GET> require user psuser </Limit> </Directory> <Directory /vol/docs/telco> AuthName Dokumentacja PS <Limit GET> require user psuser </Limit> </Directory>
But it does not work: anyone can access the files without any authentication. What am I missing? How can I troubleshoot http access? (httpd.log file does not contain anything helpful).
Best regards,
Jacek
--- avast! Antivirus: Outbound message clean. Virus Database (VPS): 0638-0, 2006-09-19 Tested on: 2006-09-19 23:18:41 avast! - copyright (c) 1988-2006 ALWIL Software. http://www.avast.com