<Directory> tag explanationHere is a sample script allowing all users:
<Directory "/var/www/static/">
Options -Indexes
Order deny,allow
Allow from all
AllowOverride All
Require all granted
</Directory>Options -Indexes: Removes the ability to view all files in directory if index html or php are not presentOrder deny,allow: Applies the deny operations before the allow operationsAllowOverride All: Allows .htaccess to override settings in httpd.conf, etcRequire all granted: some mod_authz_core thing. Not completely sure.# PW protect URL
<Location "/secret-stuff">
AuthType Basic
AuthName "Private Directory"
AuthUserFile /etc/httpd/.htpasswd
Require valid-user
</Location>
# PW protect directory
<Directory "/path/to/directory">
# ... Look above
</Directory>AuthType Basic: Set the Basic authentication methodAuthName "Private Directory": Provide a name for the location. This shows up on the login modal/popup (optional)AuthUserFile /etc/httpd/.htpasswd: Specify the pathname to the file that contains usernames and passwords. The usual filename to use is .htpasswdRequire valid-user: Specify that only users that exist in the file are allowed access.htpasswd file:htpasswd /etc/httpd/.htpasswd newuserhtpasswd -p /etc/httpd/.htpasswd newuserThis is the user with permissions on your machine that apache uses to carry out its functions. If you are getting permission denied in the error.log you probably need to add this group to the directory/file.
For Ubuntu the default user and group is www-data. You can find it in /etc/apache2/apache2.conf which will look like:
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}${APACHE_RUN_USER} is a reference to environment variables set in /etc/apache2/envvars so just go look in there for APACHE_RUN_USER
via Lars Noodén on this thread
| Command | Description |
|---|---|
sudo /etc/init.d/apache2 reload | Restart the apache server |