[axxs-sysadmin] Solved: .htaccess & .htpasswd
aketus
aketus at anarchobase.com
Wed Jul 5 18:53:51 PDT 2006
Hi Cam,
Sorry for the very late response.
>From what I understand, the authentication was failing because it
couldn't read the htpasswd file in its location. Anything hosted 'off'
the web on anarchobase.com was unable to be read, I'm assuming a
permissions issue. Once we stored the file on a readable location
(vhosts/anarchobase.com/subdomains/aan/httpdocs/htusers) it was
readable.
I guess this is a vague security risk, in that the file can be read
(albeit with encrypted password in the file). The one thing that ensures
its security is that to open the file, one would still have to
authenticate, since that entire directory is protected.
Sorry, I'm not really an expert with this sort of thing. All I know is
that due to permissions, I couldn't save the file anywhere else outside
anarchobase.com/httpdocs or /subdomains, except in the /private folder,
which couldn't be read of course anyway.
I have a theory that it relates to the 'group' set on the directory and
file (psacln vs psaserv?), but I don't know enough to investigate. For
now, it works, and that's good enough for me.
Miguel
On Sun, 2006-07-02 at 22:54 +1000, Cameron Gregg wrote:
> aketus wrote:
> > cancel this everybody. I got help and it's all fixed now :) sorry bout
> > that
> >
>
> cool. can you give us a quick description of what you did to get it
> working, just for future reference?
>
> Cam
> _______________________________________________
> axxs-sysadmin mailing list
> axxs-sysadmin at lists.indymedia.org
> http://lists.indymedia.org/mailman/listinfo/axxs-sysadmin
More information about the axxs-sysadmin
mailing list