Hi All,

I'm running apache 2.0.52 on a windows 2003 server. I'd like to restrict a directory when access via a browser.
With IIS, I could set directory security on the virtual site to require authentication via a popup box.

1. Is there something similar when using apache? (require authentication to be typed into a popup box).
2. I don't want to use .htaccess files to restrict directories, I wan't to use the httpd.conf file, but not sure how to secure say wwwroot\privateDir with wwwroot being the root web directory.

Something like:

<Directory /wwwroot/privateDir>
What would go here to cause a popup authentication for this directory?
</Directory>


Thank you.

ok....

this is what i tried:

<Directory /wwwroot/privateDir>
AuthType Basic
AuthName "Restricted Files"
AuthUserFile F:/Apache2/var/somepwdfile
Require user someuser
</Directory>

i created the somepwdfile using the htpasswd.exe that came with apache, and tried both with the password SHA encrypted and plain text. i stopped, restarted apache...and still i'm getting the forbidden error:

Forbidden
You don't have permission to access /privateDir/ on this server.

did i miss a step?

ok...i got it.

i just didn't have the full path name

<Directory F:/fullPathto/wwwroot/privateDir>