Hi,

I have a reports directory I wish to secure and have created the necessary .htaccess file:

AuthUserFile /www/security/somedomain_access
AuthType Basic
AuthName "Restricted Access"
Require user someuser

I believe my virtual host config is correct:

<VirtualHost *:80>
ServerAdmin webmaster@somedomain.co.uk
DocumentRoot "/www/somedomain.co.uk"
<Directory /www/somedomain.co.uk/>
AllowOverride All
</Directory>

ServerName www.somedomain.co.uk
ServerAlias somedomain.co.uk

ExpiresActive On
ExpiresByType text/html "access plus 30 seconds"
ExpiresByType text/css "access plus 2 weeks"
ExpiresByType text/javascript "access plus 2 weeks"
ExpiresByType image/png "access plus 1 month"
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/jpg "access plus 1 month"

AddOutputFilterByType DEFLATE text/html text/css text/xml application/x-javascript application/javascript application/xml

BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html

DeflateCompressionLevel 6

Header append Vary User-Agent

ErrorLog "logs/www.somedomain.co.uk-error.log"
CustomLog "logs/www.somedomain.co.uk-access.log" common
</VirtualHost>

Though when I navigate to [somedomain.co.uk...] I am never prompted for a user/password If I add some random text to .htaccess then I do receive a Server Error so the file is being processed. Thoughts please ?