Women in Technology

Article:		Apache Web-Serving with Mac OS X, Part 4
Subject:		Personal configurations and passwd authentication
Date:		2002-03-11 03:42:19
From:		spiffyman
First, I just want to say thanks for a really great tutorial. After reading the Terminal tutorials and yours, I'm planning on ordering my first O'Reilly books. If they're anything like yours, I know they'll be good. In the meantime, though, I'm having a few problems. After configuring my .conf file (jboyd.conf), I cannot access localhost or 127.0.0.1, and when I try to access /~jboyd/ with localhost, it gives me a 403 Forbidden error. The .conf looks like this: <Directory "/Users/jboyd/Sites/"> Options -Indexes MultiViews AllowOverride None Order deny,allow Deny from all Allow from localhost </Directory> I've also tried "Allow from 127.0.0.1" -- to no avail. (An incidental question: can we set several IP-specific allows or denies using commas or spaces to differentiate them?) Meanwhile, accessing /~jboyd/ at 127.0.0.1 does not ask for any authentication. I've created an .htaccess file via pico (which now resides in my Sites directory) with the following pertinent lines: AuthName "Jeremy Boyd's Personal Training Grounds" AuthType Basic AuthUserFile /Library/WebServer/.htpasswd require user jboyd Yes, the .htpasswd file exists, and yes, jboyd is in it. I'm unsure whether the .htaccess file is in the right place, though. Any help would be appreciated. Thanks again for great articles, but no thanks for enthralling me and keeping me up all night. ;-)

Showing messages 1 through 3 of 3.

• Personal configurations and passwd authentication
  2002-03-11 17:00:44  Morbus Iff | [View]
  
  
  When you get that 403 error, check your error logfile - does your IP address show as 127 or localhost? If it doesn't, then you'll need to add that IP into your "Allow" line. You can only have one IP, IP range, or hostname per "Allow" line.
  
  Finally, authentication will NOT work unless you've told Apache to allow authetication under the Sites directory. This involves opening your username.conf file (located in /etc/httpd/users/username.conf) and adding "AllowOverride AuthConfig" (for just authentication control) or "AllowOverride All" (to allow overriding of all default Apache directives).
• Personal configurations and passwd authentication
  2002-03-11 18:37:51  spiffyman [View]
  
  
  Thanks for the help, but I'm still having problems. The error log reads my static IP address, so I changed the .conf file to read:
  
  <Directory "/Users/jboyd/Sites/">
  Options -Indexes MultiViews
  AllowOverride All
  Order deny,allow
  Deny from all
  Allow from my.address.is.here
  </Directory>
  
  Still Forbidden, and still no password authentication. Also, I still can't access the DocumentRoot using localhost or 127.0.0.1. I didn't think my personal .conf file or my .htaccess file would change that. Am I missing something?
  
  Thanks a bunch.
• Personal configurations and passwd authentication
  2002-03-13 20:15:36  Morbus Iff | [View]
  
  
  What do you have in the /Users/jboyd/Sites/ directory? Is there a index.html or index.htm file in there? As it is now, with "-Indexes" turned off in your config, I'm thinking that Apache's trying to resolve an index *first*, before the user authentication.
  
  First things first, change "-Indexes" to just place old "Indexes", so that automatic indexes are created. THEN try getting to /~jboyd/ and tell me what you see.
  
  Concerning your DocumentRoot, no, an .htaccess file shouldn't be able to harm that, but using you could do some damage with your user .conf file. If the .conf file is all you've shown me here though, then it shouldn' t be a problem.
  
  Finally, what are the contents of your error_log, shortly after you get the 403 Forbidden error message?