Password protecting directories for Apache (in Debian)

[Pyroflea]

Not technically a Linux issue, but no other forum would be as helpful

I've set up a Debian virtual machine that is running as a web server. Once I'm finished getting everything set up, I'm making it externally accessible. I have a subversion server w/ web interface, and those are both username/password protected without an issue.

What I'm basically wanting to do is require a username/password to access the entire /var/www/ directory. I've followed a few guides, but none of them seem to be working.

Basically I made an .htaccess file in /var/www/, with the following contents:

AuthUserFile /etc/apache2/dav_svn.passwd
AuthGroupFile /dev/null
AuthName MySiteWeb
AuthType Basic
require valid-user

I already had a username/password file made with htpasswd that I just used instead of .htpasswd. Not sure if this makes a difference or not, but I see no reason why it would.

I must be missing something here. I can still access my web server without any prompt for credentials.

Thanks guys,


- Jesse

 

[Ijack]

That looks OK. I wonder if it could be a matter of credentials being cached. You might like to have a look at this article: http://www.apacheweek.com/features/userauth which explains things quite well. It does mention, towards the bottom, the difficulty of testing authentication because of caching.

Have you tried closing your browser and restarting it, or even restarting the client OS, to clear cached entries?

 

[Pyroflea]

Thanks for the link, that was a good read.

Basically I've started right from the beginning again just in an attempt to get it working. I went back to a snapshot of a clean Debian install I had. I created the username file, and created the .htaccess file. Rebooted the VM, closed and re-opened my browser. Still no prompt. I'm a bit stumped at this point. Will have to do a bit more searching.

Thanks again,


- Jesse

 

[Pyroflea]

Alright, made some progress. Upon following this guide, I've got it to work, kind of. I still couldn't get /var/www/ to be password protected. I tried with /var/www/web/ however, and it worked, hmm. This isn't ideally what I wanted, but I guess it will work for the time being. I'm still going to try to get it working on the root web directory however.

 

[bmouring]

The httppd.conf method or the .htaccess method?

I have a server at my disposal that I can try dinking around with to see if I can find something that works

 

[Pyroflea]

I tried replicating my results on another VM (tried both methods), no dice. No idea what's going on there. I think I just had put too much time into it for one sitting. GOnna give it another go later on today.

 

[Pyroflea]

I got it working again. Figured out what I did wrong last time too, so that should save some headaches

 

[Pyroflea]

Best answer selected by Pyroflea.