Hello!
Today I encountered the following problem on my server (Apache 1.3.14 on WinNT):
I can access a .htaccess-restricted directory, e.g.
http://myserver.com/xy/restricted_dir/
via
http://myserver.com/phpScriptAlias/php.exe/xy/restricted_dir/index.php
How does that happen???
In httpd.conf "AllowOverride AuthConfig" is set for all directories.
The .htaccess format is like this:
AuthUserFile .passwd
AuthName "Restricted Area"
AuthType Basic
deny from all
require valid-user
satisfy any
Thanks in advance..
Alex
