Hi,
thanks, this definitively brings me forward. I indeed want apache to
deliver a listing of the contents of the dir (also of the symlink and the
stuff below), since it contains only pics and data files I want to be able
to download like this. It seems a waste of time to me to have to create
index.html specifically for this. It would be nice though, if apache could
create a nice index page with appropriate icons (perhaps thumbnail view
.. ?). Perhaps somebody on the list did something similar and simply can
mail me their relevant config files ?
About .htaccess: Am I correct to understand that a ,htaccess file is in
fact a directory container of the form <Directory .> ... </Directtory> ?
It seems so from the sample you send me and I didn't find this tiny, but
crucial, info in any of the docs ... This is what I meant by "docs are
not written for people starting with apache".
Thanks, Schlomo
PS: What about the VT420 stuff ???
On Tue, 4 May 1999, guy keren wrote:
>
> On Mon, 3 May 1999, Schlomo Schapiro wrote:
>
> > Anyway, in my httpd.conf the user dirs are set as follows:
> > <Directory /*/public_html>
> > AllowOverride All
> > Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
>
> for the symbolic link, this option ^^^^^^ sais that apache will follow a
> symbolic link only if the owner of the link is the same as the owner of
> the file the link points to. If you want to remove this limitation,
> replace this keyword with 'FollowSymLinks', and restart apache.
>
> > <Limit GET POST OPTIONS PROPFIND>
> > Order allow,deny
> > Allow from all
> > </Limit>
> > <Limit PUT DELETE PATCH PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
> > Order deny,allow
> > Deny from all
> > </Limit>
> > </Directory>
> >
> > I think that this is a reasonable config put there by my distri.
>
> seems to be so.
>
> > The point is, what do I have to put in the .htaccess in ~/public_html to
> > allow all the things I need.
>
> you shouldn't need to use any '.htaccess' file in your public_html
> directory, just to let symboli links work properly.
>
> > The problem is very simple. I made a dir
> > (public_html/film) and when i tell the browser ..../~schapiro/film I get
> > an access denied page. dir rights are 755 and should be fine. It seems to
> > me that apache doesn't allow entrance into subdirs in the userdirs at all
> > and I wonder how to tell it in my .htaccess that for this specific dir it
> > should allow it.
>
> 1. can you access files that are place directly in the public_html
> directory?
>
> 2. Did you put any file (index.html in particular) under your 'film'
> directory? if not, apache thinks you're trying to get a listing of the
> directory's contents, and for some reason this fails - you should check
> the 'error_log' file of apache (found in its logs directory) for an
> error message that _might_ give you soe hint regarding the problem.
>
> finally, as for doing password authentication, there are two parts for the
> answer.
>
> first, for the '.htaccess' file in the protected direcotyr, it should look
> something like this:
>
> AuthType Basic
> AuthName shlomo_film_files
> AuthUserFile /home/choo/some_safe_dir/choo.pwd
>
> <Limit GET POST>
> require valid-user
> </Limit>
>
> note that the 'authname' may contain any string, and that 'authuserfile'
> should point to a file that is readable only by you and the user under
> which apache is running, NOT by all system users (as it contains passwords
> for this protection). you ought to look up 'AuthType', 'AuthName' and
> 'AuthUserFile' on apache's documentation at www.apache.org .
>
> as for authenticating against your local /etc/passwd file, there is a
> solution for that (some module you can download from apache's web page),
> but it is NOT recommended for use only a web site, because it means people
> can try brute-force attacks on your system without the server making
> proper logs or having any 'flow control' on these attempts.
>
> guy
>
>
>
>
>
