A VPN and how to secure a webpage question

[greenpeace]

OK, try putting a <location> directive in the <VirtualHosts> section for this domain. I would put this in the main configuration file where I have defined all my VirtualHosts. In my case that is: /etc/apache2/apache2.conf

Something like:

Code:

<VirtualHost *:80>
    ServerName your-url.com
    DocumentRoot /var/www/test
    CustomLog /var/log/apache2/access.log common
    <location />            
        Deny from all
        AuthType Basic 
        AuthName "Enter Password"
        AuthUserFile /home/cackles/scrappass
        require valid-user
    </location>
</VirtualHost>

let us know how you get on!

[cackles]

Still loads the page and this time when I refresh I get the forbidden page instead of the password box.

I dont put my vhosts into the apache.conf, I make individual files and a2ensite them.

My document root is in the home dir, not the www. Could this be the problem? I changed the example from /var/www/test to its dir in the code.

[clay7]

Are you restarting Apache after making changes to the configuration files? That needs to be done so that the changes you make go into effect.

You probably know this but I just wanted to post this for the sake of those who don't know.

Code:

sudo restart apache2

[greenpeace]

@cackles, I'm not sure then... if I get a chance I'll try to replicate your setup on a spare box and test it.

ps. better practice is to reload apache, rather than restart, to avoid downtime:

Code:

sudo service apache2 reload