密码使用.htaccess保护嵌套目录

I have multiple directories that look something like this:

我有多个目录看起来像这样:

root
  - directory 1
  - directory 2
  - directory 3
     - sub directory 1
     - sub directory 2
     - sub directory 3

Root is protected with a .htaccess right now,

Root现在受.htaccess保护,

What im looking to do is Protect sub directory 1,2, and 3 with different usernames / passwords

我要做的是使用不同的用户名/密码保护子目录1,2和3

Can this be done? If so how?

可以这样做吗?如果是这样的话?

Right now my .htaccess file that is located in directory 3 looks like this:

现在,位于目录3中的.htaccess文件如下所示:

AuthUserFile path/path/path/sub directory 1/ .htpasswd
AuthUserFile path/path/path/sub directory 2/ .htpasswd
AuthUserFile path/path/path/sub directory 3/ .htpasswd

AuthName "Please Log In"
AuthType Basic
require valid-user

however it doesnt work...and im getting Internal Error Server

但它不起作用...我得到内部错误服务器

1 个解决方案

#1

You need a separate htaccess file in each of your subdirectories that point to the specific htpassword file. You can't separate which sub directories use which htpasswd file like you have in your htaccess.

您需要在每个子目录中有一个单独的htaccess文件,指向特定的htpassword文件。你不能分开哪些子目录使用你的htaccess中的htpasswd文件。

Additionally, don't leave spaces in the page, apache will think you're referring to multiple parameters for a directive.

另外,不要在页面中留空格,apache会认为你指的是指令的多个参数。

So in the htaccess file in each subdirectory, try something like:

所以在每个子目录的htaccess文件中,尝试类似下面的内容:

AuthUserFile .htpasswd
AuthName "Please Log In"
AuthType Basic
require valid-user

but note, it's generally a really really bad idea to leave your password file in the webroot, allowing people to possibly download it.

但请注意,将密码文件保留在webroot中通常是一个非常糟糕的主意,允许人们下载它。

#1