I have a previous post which demonstrates how to add HTTP Authentication by .htaccess.
.htaccess – Setting Password For Your Web Folder
But if it does not work and shown the following error in the Apache error log
- /home/ykyuen/public_html/.htaccess: Invalid command ‘AuthUserFile’, perhaps misspelled or defined by a module not included in the server configuration
Continue reading .htaccess – Invalid command ‘AuthUserFile’, perhaps misspelled or defined by a module not included in the server configuration
So if both .htaccess and httpd.conf can serve the same purpose (Apache – Disable Directory Listing), which one should we pick?
On performance point of view, .htaccess is read every time when the directory is loaded. and each directory can have it own .htaccess. so this may cause a performance hit but seems that it is not very significant.
The Fubra Blog – .htaccess vs httpd.conf
On the other hand, the situation may bother your choice. Not every user got the permission on writing the httpd.conf file and they may even do not have the right to restart the Apache Server. In this case, you have to use .htaccess to restrict the access right.
Here is a summary comparing .htaccess and httpd.conf. Continue reading Apache – .htaccess VS httpd.conf
Usually, the web root directory has folders containing the some files and images. When user browse the directory url in the browser, he/she could access those files and images as shown in the following picture.
Continue reading Apache – Disable Directory Listing