Задать вопрос

Почему авторизация через .htaccess не работает в некоторых папках?

Есть сервер на дебиане, на котором крутится Apache 2.2.22.
Внезапно выяснил что не работает AuthType Basic в некоторых поддиректориях:
.htaccess в /home/www/cgi-bin :
ErrorDocument 404 /ecodes/404.html
ErrorDocument 403 /ecodes/403.html
ErrorDocument 401 /ecodes/401.html
ErrorDocument 500 /ecodes/500.html

SetEnvIf Request_URI "p/*.*" REDIRECT_noauth=1

Options -Indexes

AuthType Basic
AuthName "Please login, this area is protected!"
AuthUserFile /var/www/server.domian.ru/invent/.htpasswd
Order Deny,Allow
Satisfy any
Deny from all
Allow from env=REDIRECT_noauth
require valid-user

<FilesMatch  "\.(pl_|pm|cookie)$">
Order Deny,Allow
Deny from all
</FilesMatch>

И логин\пароль запрашиваются.
В папке /home/www/cgi-bin/skd тоже (там есть файл index.pl)
НО в папке /home/www/cgi-bin/skd/api уже 403 ошибка и нет запроса пароля!
И скрипт server.domain.ru/cgi-bin/skd/api/test.pl доступн без всякой авторизации!
Настроено 2 поддомена: weather.domain.tld и server.domain.tld.
В /etc/apache2/sites-avaible/default:
<VirtualHost *:80>
	ServerAdmin beklemishev@domain.ru

	DocumentRoot /var/www/server.domain.ru
	ServerName server.domain.ru
#	<Directory />
#		Options FollowSymLinks
#		AllowOverride None
#	</Directory>
	<Directory /var/www/server.domain.ru/>
		Options Indexes FollowSymLinks MultiViews
		AllowOverride All
		Order allow,deny
		allow from all
	</Directory>
	
	#ScriptAlias /cgi-bin/ /home/www/cgi-bin/
	Alias /cgi-bin /home/www/cgi-bin
	<Directory "/home/www/cgi-bin">
		AllowOverride All
		#AllowOverride AuthConfig 
		#Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
		AddHandler cgi-script cgi pl
		Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
		#Option +ExecCGI
		#Order allow,deny
		#Allow from all
#		Require all granted
	</Directory>
#	<Directory "/home/www/cgi-bin/skd/api/">
#		AllowOverride All
#	</Directory>

	ErrorLog ${APACHE_LOG_DIR}/error.server.domain.ru.log

	# Possible values include: debug, info, notice, warn, error, crit,
	# alert, emerg.
	LogLevel debug

	CustomLog ${APACHE_LOG_DIR}/access.server.domain.ru.log combined
</VirtualHost>

<VirtualHost *:80>
	ServerAdmin beklemishev@domain.ru

	DocumentRoot /var/www/weather.domain.ru
	ServerName weather.domain.ru
#	<Directory />
#		Options FollowSymLinks
#		AllowOverride None
#	</Directory>
	<Directory /var/www/weather.domain.ru/>
		Options Indexes FollowSymLinks MultiViews
		AllowOverride All
		Order allow,deny
		allow from all
	</Directory>

	Alias /api /home/www/cgi-bin/p/temperature/api
	<Directory "/home/www/cgi-bin/p/temperature/api">
		AllowOverride All
#		AuthType None
		AddHandler cgi-script cgi pl
		Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
		#Order allow,deny
		#Allow from all
		Require all granted
	</Directory>

	ErrorLog ${APACHE_LOG_DIR}/error.weather.domain.ru.log

	# Possible values include: debug, info, notice, warn, error, crit,
	# alert, emerg.
	LogLevel warn

	CustomLog ${APACHE_LOG_DIR}/access.weather.domain.ru.log combined
</VirtualHost>


В apache2.conf:
# This is the main Apache server configuration file.  It contains the
# configuration directives that give the server its instructions.
# See http://httpd.apache.org/docs/2.2/ for detailed information about
# the directives and /usr/share/doc/apache2-common/README.Debian.gz about
# Debian specific hints.
#
#
# Summary of how the Apache 2 configuration works in Debian:
# The Apache 2 web server configuration in Debian is quite different to
# upstream's suggested way to configure the web server. This is because Debian's
# default Apache2 installation attempts to make adding and removing modules,
# virtual hosts, and extra configuration directives as flexible as possible, in
# order to make automating the changes and administering the server as easy as
# possible.

# It is split into several files forming the configuration hierarchy outlined
# below, all located in the /etc/apache2/ directory:
#
#	/etc/apache2/
#	|-- apache2.conf
#	|	`--  ports.conf
#	|-- mods-enabled
#	|	|-- *.load
#	|	`-- *.conf
#	|-- conf.d
#	|	`-- *
# 	`-- sites-enabled
#	 	`-- *
#
#
# * apache2.conf is the main configuration file (this file). It puts the pieces
#   together by including all remaining configuration files when starting up the
#   web server.
#
#   In order to avoid conflicts with backup files, the Include directive is
#   adapted to ignore files that:
#   - do not begin with a letter or number
#   - contain a character that is neither letter nor number nor _-:.
#   - contain .dpkg
#
#   Yet we strongly suggest that all configuration files either end with a
#   .conf or .load suffix in the file name. The next Debian release will
#   ignore files not ending with .conf (or .load for mods-enabled).
#
# * ports.conf is always included from the main configuration file. It is
#   supposed to determine listening ports for incoming connections, and which
#   of these ports are used for name based virtual hosts.
#
# * Configuration files in the mods-enabled/ and sites-enabled/ directories
#   contain particular configuration snippets which manage modules or virtual
#   host configurations, respectively.
#
#   They are activated by symlinking available configuration files from their
#   respective *-available/ counterparts. These should be managed by using our
#   helpers a2enmod/a2dismod, a2ensite/a2dissite. See
#   their respective man pages for detailed information.
#
# * Configuration files in the conf.d directory are either provided by other
#   packages or may be added by the local administrator. Local additions
#   should start with local- or end with .local.conf to avoid name clashes. All
#   files in conf.d are considered (excluding the exceptions noted above) by
#   the Apache 2 web server.
#
# * The binary is called apache2. Due to the use of environment variables, in
#   the default configuration, apache2 needs to be started/stopped with
#   /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not
#   work with the default configuration.


# Global configuration
#

#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE!  If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the LockFile documentation (available
# at <URL:http://httpd.apache.org/docs/2.2/mod/mpm_common.html#lockfile>);
# you will save yourself a lot of trouble.
#
# Do NOT add a slash at the end of the directory path.
#
#ServerRoot "/etc/apache2"

#
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#
LockFile ${APACHE_LOCK_DIR}/accept.lock

#
# PidFile: The file in which the server should record its process
# identification number when it starts.
# This needs to be set in /etc/apache2/envvars
#
PidFile ${APACHE_PID_FILE}

#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300
#LoadModule cgi_module modules/mod_cgi.so
#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On

#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100

#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 5

##
## Server-Pool Size Regulation (MPM specific)
## 

<IfModule mpm_prefork_module>
    StartServers          5
    MinSpareServers       5
    MaxSpareServers      10
    MaxClients          150
    MaxRequestsPerChild   0
</IfModule>

<IfModule mpm_worker_module>
    StartServers          2
    MinSpareThreads      25
    MaxSpareThreads      75 
    ThreadLimit          64
    ThreadsPerChild      25
    MaxClients          150
    MaxRequestsPerChild   0
</IfModule>

<IfModule mpm_event_module>
    StartServers          2
    MinSpareThreads      25
    MaxSpareThreads      75 
    ThreadLimit          64
    ThreadsPerChild      25
    MaxClients          150
    MaxRequestsPerChild   0
</IfModule>

# These need to be set in /etc/apache2/envvars
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}

#
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives.  See also the AllowOverride
# directive.
#

AccessFileName .htaccess

#
# The following lines prevent .htaccess and .htpasswd files from being 
# viewed by Web clients. 
#
<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
    Satisfy all
</Files>

#--------------------------------------------------------------------------------------
#<Directory /var/www/>
#	Options Indexes FollowSymLinks
#	AllowOverride All
#	Require all granted
#</Directory>

DefaultType None

HostnameLookups Off

ErrorLog ${APACHE_LOG_DIR}/error.log

LogLevel debug

# Include module configuration:
Include mods-enabled/*.load
Include mods-enabled/*.conf

# Include list of ports to listen on and which to use for name based vhosts
Include ports.conf

#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
# If you are behind a reverse proxy, you might want to change %h into %{X-Forwarded-For}i
#
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

# Include of directories ignores editors' and dpkg's backup files,
# see the comments above for details.

# Include generic snippets of statements
Include conf.d/

# Include the virtual host configurations:
Include sites-enabled/
AddDefaultCharset UTF-8


В чем может быть причина?
  • Вопрос задан
  • 1957 просмотров
Подписаться 2 Оценить Комментировать
Решения вопроса 1
@ShamblerR
1. нет ли в этой папке своего .htaccess.
2. чо произодйдет если его там положить?
3. SetEnvIf зачем это? обьясните задачу которую преследуете?
4. какой движок
Ответ написан
Пригласить эксперта
Ваш ответ на вопрос

Войдите, чтобы написать ответ

Похожие вопросы