Hi folks,

sorry, no PHP or else this time, just a quick OT question (don't want to
need to subscribe to another mailing list).

I'm just messing around with our Apache config and thought someone could
give me a quick pointer...

Here we go:

<Directory /www/internal>
    AllowOverride AuthConfig Limit
</Directory>

The .htaccess file reads
    AuthName "IPlease authenticate"
    AuthType Basic
    AuthUserFile /www/.htpasswd
    AuthGroupFile /www/.htgroup
    Require group internal
    Allow from 10.10.10.0/28
    Satisfy any

If I remove the "Allow" and "Satisfy any" clause, Apache correctly
authenticates a user. However I want to have our internal net
(10.10.10.0/28) to get in w/o authentication.

Unfortunately, adding the "Allow" and "Satisfy" clauses virtually renders
the page unsecured, you can get in without auth from everywhere.

Running Apache 1.3.23 on RHL 7.2. Any clues?

Thanks, and sorry for OT


-- 
   >O     Ernest E. Vogelsinger
   (\)    ICQ #13394035
    ^     http://www.vogelsinger.at/



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to