On the webserver I use, I have multiple sites (subdomains). Some of these have an admin folder for quick edits for each site. In the admin folder I placed a .htaccess file, restricting access to it.
I have placed a htpasswd file outside the public_html folder(because that's what I read, I should), each password file, in a new directory.
So my folder/file structure so far:
/server/public_html/domain.com
/server/public_html/domain.com/admin/.htaccess
/server/domain_password/.htpasswd
The content of the .htaccess file, inside the admin folder:
#Block_External_Access
AuthType Basic
AuthName 'My Protected Area'
AuthUserFile /server/domain_password/.htpasswd
Require valid-user
The problem is, that in this case I get a big fat 500 server error. Looks like it cannot read the password file after all. If I move my htpasswd down to the domain folder, or the admin folder, and update the htaccess file correspondingly, it works.
Is there any setting somewhere, where prohibits my expected behaviour, or I'm missing something else?
