On Thu, Jun 25, 2009 at 1:30 PM, Jesus arteche<chechu.li...@gmail.com> wrote: > Hello, > > I have an Apache2 server, it is working with 2 virtual directories, with the > next conf: > > > > NameVirtualHost * > <VirtualHost *> > ServerAdmin dpto.siste...@acme.es > ServerName web1.acme.com > DocumentRoot /var/www/web1/web/ > <Directory /var/www/web1/web/> > Options Indexes MultiViews > AllowOverride None > Order allow,deny > allow from all > </Directory> > > <Location /> > DAV On > AuthType Basic > AuthName "webdav" > AuthUserFile /var/www/web1/passwd.dav > Require valid-user > </Location> > # Logfiles > ErrorLog /var/www/web1/logs/error.log > CustomLog /var/www/web1/logs/access.log combined > > > > </VirtualHost> > > > > # > # Example.org (/etc/apache2/sites-available/www.example.org) > # > <VirtualHost *> > ServerAdmin dpto.siste...@acme.es > ServerName web2.acme.es > > # Indexes + Directory Root. > DirectoryIndex auth.php > DocumentRoot /var/www/web2/ > > > # Logfiles > ErrorLog /var/www/web2/logs/error.log > CustomLog /var/www/web2/logs/access.log combined > </VirtualHost> > > The problem is that when I try to access http://web1.acme.es everything is > ok, the browser ask me for a password and the show me the files, but when i > try to access http://web1_acme_es_ip/web1 it shos me the files without ask > me any password, i need to solve this security failure. Someone knows how > can i do it? Reverse the order [1] and your ip will be server by web2.acme.com.
Did you clear auth cache before access these files by ip ? [1] From http://httpd.apache.org/docs/2.0/vhosts/examples.html " Due to the fact that www.example1.com is first in the configuration file, it has the highest priority and can be seen as the default or primary server. That means that if a request is received that does not match one of the specified ServerName directives, it will be served by this first VirtualHost." -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
