1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 4:49 am May 2, 2026

Forum Moderators: phranque

Message Too Old, No Replies

Using SSI in a password-protected directory?

trying to call server-side includes from inside a pwd-protected dir

         

lightjump

12:01 am on Nov 11, 2010 (gmt 0)

10+ Year Member



Note: I already have my Apache server (running on Novell NetWare 6.5 SP8) config'd to parse SSI calls from within XHTML pages with the .shtml extension (which I'm using in this case below). My Apache server is also config'd to honor PHP include calls from '.shtml' pages.

I am trying to call server-side includes from a parent directory of a password-protected sub-directory but it's not working (tried several different include methods, such as):

<!--#include virtual="ROOT_RELATIVE reference" -->
<!--#include virtual="DOCUMENT_RELATIVE reference" -->

<!--#include file="ROOT_RELATIVE reference" -->
<!--#include file="DOCUMENT_RELATIVE reference" -->
(I know 'file' SSI includes don't work with dirs above the current location, but I tried it anyway just to be thorough...)

<?php include("ROOT_RELATIVE reference") ?>
<?php include("DOCUMENT_RELATIVE reference") ?>

Since none of the above worked, I decided to copy all of the include file(s) into the same directory and tried..

<!--#include virtual="SAME_DIRECTORY file reference" -->
<!--#include file="SAME_DIRECTORY file reference" -->
<?php include("SAME_DIRECTORY file reference") ?>

I thought the include calls from the SAME DIRECTORY would surely work, but within a password-protected directory, they're not working.

I should mention that I have password-protected these directories in the httpd.conf file using an LDAP reference to our Novell eDirectory, and I have NOT used any .htaccess files.

Here's the specific 'httpd.conf' section that password-protects the directory in question:
------------
<Directory "VOLUMENAME:/path/to/my/pwd-protected/directory">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
AuthType Basic
AuthName "<Dept. Name Here> Protected Content"
AuthLDAPAuthoritative On
AuthLDAPURL "ldap://<hostname>/o=<unit-name-here>?cn?sub"
Require user <required-user-name-here>
</Directory>
------------
Nothing worked...so I copied the included file code into the XHTML document/page itself (creating a static page) - page displays as desired now, but is not 'including' anything from outside the directory, meaning changes to the includes in the main website directory will have to be manually changed in the code on these pages in the password-protected directory as well.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 4:49 am May 2, 2026