我正在Apache 2.4.9奔跑。PHP 5.5.9OS X Server Beta 3.5 (14S171z)
我的目录中有以下配置.htaccess,我想使用基本身份验证来保护它:
AuthType Basic
AuthName "restricted area"
AuthUserFile /absolute/path/to/.htpasswd
Require valid-user
IndexIgnore *
VirtualHost 配置(由 管理OS X Server):
<VirtualHost *:80>
ServerName REDACTED
ServerAdmin [email protected]
DocumentRoot "/absolute/path/to/document/root"
DirectoryIndex index.html index.php /wiki/ /xcode/ default.html
CustomLog /var/log/apache2/access_log combinedvhost
ErrorLog /var/log/apache2/error_log
<IfModule mod_ssl.c>
SSLEngine Off
SSLCipherSuite "ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM"
SSLProtocol -ALL +SSLv3 +TLSv1
SSLProxyEngine On
SSLProxyProtocol -ALL +SSLv3 +TLSv1
</IfModule>
<Directory "/absolute/path/to/document/root">
Options All -Indexes -ExecCGI -Includes +MultiViews
AllowOverride All
<IfModule mod_dav.c>
DAV Off
</IfModule>
<IfDefine !WEBSERVICE_ON>
Deny from all
ErrorDocument 403 /customerror/websitesoff403.html
</IfDefine>
</Directory>
ServerAlias REDACTED
</VirtualHost>
以下模块已启用(这是部分列表):
authn_file_module (shared)
authn_core_module (shared)
authz_host_module (shared)
authz_groupfile_module (shared)
authz_user_module (shared)
authz_core_module (shared)
access_compat_module (shared)
auth_basic_module (shared)
当我尝试访问目录中包含的任何文件时.htaccess,我得到403 Forbidden并在错误日志中记录以下内容:
[Thu Jun 05 14:09:55.598801 2014] [authz_core:error] [pid 59601] [client REDACTED] AH01630: client denied by server configuration: /absolute/path/to/a/file/in/the/folder/with/htaccess
难道我不应该被提示进行身份验证而不是 403 错误吗?
答案1
这很可疑:
<IfDefine !WEBSERVICE_ON>
Deny from all
ErrorDocument 403 /customerror/websitesoff403.html
</IfDefine>
如果没有在某处定义,那么所有请求在到达 .htaccess 文件之前就会被拒绝。