apache cant read .htpasswd_stats
Hi tryd today to open my /stats and could not log into the folder.
In logfile I only got:
user admin: authentication failure for "/stats/": Password Mismatch
I figured out, that the problem relies someware on the permissions ispconfig set.
When I copy the .htpasswd_stats to /tmp and change the path in the .htaccess file I can log into the page.
Will it not be better to configure a speciel path for all htpasswd files (for all websites) and do the setup in the apache vhost file with the directory directive for more security.
<-- Make sure that the AuthUserFile is stored outside the document tree of the web-server. Do not put it in the directory that it protects. Otherwise, clients may be able to download the AuthUserFile. ---> https://httpd.apache.org/docs/2.2/mod/mod_authn_file.html
Version I use is 3.0.5 RC2