Help configuring secure/non-secure portions of site

Help configuring secure/non-secure portions of site

Post by dbenso » Tue, 20 Jun 2000 04:00:00



While our web site is under development, we have password
protected the site using basic authentication. However there's
an images subdirectory that we'd like to reference for some
demos that doesn't need any authentication.

I can't seem to come up with a httpd.conf that let's me do this.
My best guess is that since the top level directory specifies
basic authentication, apache (1.3.9) inherits this property for
all subdirs?

Relevant section from httpd.conf:
<Directory "/docroot">
    Options Indexes FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
    AuthType Basic
    AuthName "access required"
    AuthUserFile /usr/local/apache/conf/outside-htpasswd
    require valid-user
</Directory>

# images shouldn't require password
<Directory "/docroot/images">
    Options Indexes FollowSymLinks
    AllowOverride None
</Directory>

Got questions?  Get answers over the phone at Keen.com.
Up to 100 minutes free!
http://www.keen.com

 
 
 

Help configuring secure/non-secure portions of site

Post by Jason Nugen » Wed, 21 Jun 2000 04:00:00


You might want to set up an Aliased directory on a non-secured portion
of the site that contains your images. That way, you can still have your
secured directory, but use image tags like:

<img src="/images/image.gif" ... >

by using:

Alias /images /path/to/images/directory

and then you won't have to worry about it. Of course, this would mean
that you'd have to move the images sub-directory to some other spot.

Jason


> While our web site is under development, we have password
> protected the site using basic authentication. However there's
> an images subdirectory that we'd like to reference for some
> demos that doesn't need any authentication.

> I can't seem to come up with a httpd.conf that let's me do this.
> My best guess is that since the top level directory specifies
> basic authentication, apache (1.3.9) inherits this property for
> all subdirs?

> Relevant section from httpd.conf:
> <Directory "/docroot">
>     Options Indexes FollowSymLinks
>     AllowOverride None
>     Order allow,deny
>     Allow from all
>     AuthType Basic
>     AuthName "access required"
>     AuthUserFile /usr/local/apache/conf/outside-htpasswd
>     require valid-user
> </Directory>

> # images shouldn't require password
> <Directory "/docroot/images">
>     Options Indexes FollowSymLinks
>     AllowOverride None
> </Directory>

> Got questions?  Get answers over the phone at Keen.com.
> Up to 100 minutes free!
> http://www.keen.com

--
--------------------------
Jason Nugent, BSc(hon)
Mal[MiC]Havoc
Certified Webmaster

--------------------------

 
 
 

1. secure/non-secure terminal designation

Is there a way to configure AIX so that the user 'root' can only login
directly from specified (secure) terminals?  In the case where a direct
login is not allowed, the 'su' command would have to be used.
In SunOS this can be done with the 'secure' designation (or lack thereof)
in the file /etc/ttytab.

--  

     University Computing and Networking Services, Athens, GA 30602-1911        

2. AOpen ALN-201 Ethernet Card on RedHat6.1 not working

3. secure/non-secure msg when viewing webpage

4. can mgetty and kermit use same modem ?

5. avoid warning of redirection to non-secure url from secure url

6. How to serve up user documents *as* that user?

7. Secure and non-secure websites

8. Slab.c

9. Symbolic links between secure/non-secure server

10. Secure and Non-secure on the same box????

11. use of secure and non secure FTP on the sme server

12. Secure Secure Secure

13. secure - non secure ftp on two NIC's