I think this should work for you:
<Location />
AuthType Basic
AuthUserFile /etc/apache2/ssl/user_auth
AuthName "Test"
Require valid-user
</Location>
Put this in under the <VirtualHost> section. Then use the htpasswd
program to create the /etc/apache2/ssl/user_auth file.
-petri
On 6/22/05, Michael Martinell <[EMAIL PROTECTED]> wrote:
>
>
> > -----Original Message-----
> > From: Jon Dowland [mailto:[EMAIL PROTECTED]
> > Sent: Wednesday, June 22, 2005 6:24 AM
> > To: debian-user
> > Subject: Re: secure apache in debian
> >
> > Michael Martinell wrote:
> >
> > > What is the best way to secure an entire site in apache? I have 3.1 r0
> > and
> > > have installed the apache package. Basically I want 1 user to be able to
> > > access any directory or folder that exists now or will ever exist in the
> > > future in the /var/www path.
> >
> > You'll have to be a bit more specific. When I read 'secure' I think,
> > 'secure transmission' and you mean setting up HTTPS. However, it sounds
> > like what you're really after is realm-based HTTP authentication.
> >
> >
> > --
> > To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> > with a subject of "unsubscribe". Trouble? Contact
> > [EMAIL PROTECTED]
>
> I have an in-house server for administrators, technicians and such to get
> install files and so forth off of. I do not really want the casual user to
> be able to access this server and install software without approval. Since
> security isn't real high here I thought a single log in would be ok. I
> thought there was a way to put some entries into httpd.conf that would cause
> the whole server, no matter what page it served up to prompt for a password.
>
>
> --
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
>
>
