Access Forbidden -- Go away. ---Error when accessing Apache

[rhonneil]

Hi to All,

Could you please help me with this one. I am running Apache-2.x inside my LAN and wanted to protect some of its web page directories with passwords.
I enabled modules/mod_auth.so in my httpd.conf and was able to make my .htpasswd for user to have web page access.

My .htpasswd and .htaccess both have chmod 444 inside my /etc/httpd/conf/.htpasswd and my .htaccess inside my /home/httpd/html/private/.htaccess respectively.

heres the content of my .htaccess

127.0.0.1 : allow
192.168.0.4 : allow
ALL : deny

I have the entries on my http.conf as follows:

<VirtualHost 192.168.0.4:80>
ServerAdmin webadmin@company.com
ServerName mail.company.com
DocumentRoot "/home/httpd/htdocs"

<Directory "/home/httpd/htdocs">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>

<Directory "/home/httpd/htdocs/html/private/*">
Options None
AllowOverride AuthConfig
AuthUserFile /etc/httpd/conf/.htpasswd
AuthGroupFile /dev/null
AuthName "Restricted Area"
AuthType Basic
require user nheil rhonneil
</Directory>

<Files .pl>
Options None
AllowOverride None
Order deny,allow
Deny from all
</Files>

ErrorLog /var/log/httpd/error_log
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\""
TransferLog /var/log/httpd/access_log

My problem was everytime I access the directory /home/httpd/htdocs/html/private which supposedly prompt for a password when access, gives the following error:

Access Forbidden -- Go away.

Here's my Apache logs:

[Fri Nov 07 13:13:02 2003] [error] [client 192.168.0.4] (13)Permission denied: access to /html/private/debug.php denied
[Fri Nov 07 13:13:04 2003] [error] [client 192.168.0.4] (13)Permission denied: access to /html/private/debug.php denied
[Fri Nov 07 13:13:05 2003] [error] [client 192.168.0.4] (13)Permission denied: access to /html/private/debug.php denied

What could be the problem? Pls help me.

Thanks ,
rhonneil

[PhedUp]

Your .htaccess should look something like:

cat /var/www/html/.htaccess
AuthName "Some Access"
AuthType Basic
AuthUserFile /some/path/here/htpasswd.users
require valid-user

Then make sure you have an htpasswd.users file in the diresctories to be protected.

"man htpasswd" will be your friend.

The contents of your .htaccess file you posted leads me to believe you'te thinking of tcpwrappers (host.allow and host.deny) which are different animals.

hth,

[infinite_root]

Your .htaccess should look something like:

cat /var/www/html/.htaccess
AuthName "Some Access"
AuthType Basic
AuthUserFile /some/path/here/htpasswd.users
require valid-user

Then make sure you have an htpasswd.users file in the diresctories to be protected.

"man htpasswd" will be your friend.

The contents of your .htaccess file you posted leads me to believe you'te thinking of tcpwrappers (host.allow and host.deny) which are different animals.

hth,

Hi PhedUp,

I had the same requirement and also having the same problem here's my configs

<Directory "/var/www/html/private/">
Options None
AllowOverride AuthConfig
AuthName "Pls enter Password"
AuthType Basic
AuthDBMUserFile /etc/httpd/dbmpasswd
require valid-user user1 user2
</Directory>

My /etc/httpd/conf/httpd.conf
LoadModule auth_module modules/mod_auth.so
LoadModule auth_dbm_module modules/mod_auth_dbm.so

I already Create the password file:
/usr/sbin/dbmmanage /etc/httpd/dbmpasswd user1
/usr/sbin/dbmmanage /etc/httpd/dbmpasswd user2

Had Restarted Apache:
/etc/init.d/httpd restart

but whenever I invoked this command:
#dbmmanage /home/httpd/htdocs/html/private/users view

Can't tie /var/www/html/private/users: No such file or directory at /usr/sbin/dbmmanage line 196.

Therefore can't also make users access the private folder.