Apache2 cannot get authentication to work

Question

Running:

Apache 2.4.41 on Ubuntu 20.04

I am trying to force authentication on /var/www/html but I think I have tried every combination of options possible but every single time it lets people in with following message in access.log

AH01625: authorization result of <RequireAny>: granted (directive
limited to other methods)

My vHost file :

ServerName icecast01.sbsica.com
ServerAdmin info@sbsica.com

DocumentRoot /var/www/html

ErrorLog /var/log/apache2/icecast01.sbsica.com_error.log
CustomLog /var/log/apache2/icecast01.sbsica.com_access.log "combined"
Alias /awstatsclasses /usr/share/awstats/lib/
Alias /awstats-icon/ /usr/share/awstats/icon/
Alias /awstatscss /usr/share/doc/awstats/examples/css

SSLProtocol +TLSv1.1 +TLSv1.2 +TLSv1.3

Include /etc/letsencrypt/options-ssl-apache.conf
SSLCACertificateFile /etc/letsencrypt/live/icecast01.sbsica.com/chain.pem

LogLevel debug
SSLCertificateFile /etc/letsencrypt/live/icecast01.sbsica.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/icecast01.sbsica.com/privkey.pem

<Directory "/var/www/html">
    Options FollowSymLinks
    DirectoryIndex index.php index.html
    AllowOverride AuthConfig
    Require all denied
    <RequireAny>
        <RequireAll>
            AuthDigestDomain "SBSI"
            AuthDigestProvider file
            AuthUserFile /etc/sbsi/htdigest.users
            AuthGroupFile /etc/group
            AuthName "SBSI"
            AuthType Digest
            Require valid-user granted
        </RequireAll>
    </RequireAny>
</Directory>

Anyone has an idea ?

remove the requireAny opening and closing elements (leave the requireAll) — symcbean, Aug 19 '23 at 14:10

Apache2 cannot get authentication to work

0 Answers0