Hi,
I'm setting up Trac, and want to password protect the login page, as suggested here. I'm on a shared hosting setup, so I can't modify the httpd.conf, I have to use .htacces. How do I restrict just the login page without restricting other pages? The Trac docs suggest:
<Location "/trac/login">
AuthType Basic
AuthName "Trac"
AuthUserFile /somewhere/trac.htpasswd
Require valid-user
</Location>
But the Location tag is only for httpd.conf, it doesn't work in .htaccess. How can I get the same effect? There's no "login" directory to put a .htaccess file into, it needs to go into the main trac directory.
-
This is just a guess, but can you place that in a .htaccess file, minus the
<Location>and</Location>tags, inside the /trac/login directory?Also, be sure to have your
htpasswdfile outside the document root (commonly public_html) otherwise it can be downloaded and cracked.From mlambie -
It turns out, dreamhost has a page on this very problem. Short answer: there's no good way to do it through apache configuration, so use the TracAccountManager plugin instead.
From Martin C. Martin
0 comments:
Post a Comment