I would like to set up password protection on a directory, and I'm just not understanding what I'm not doing that would make it work correctly.
In the directory I want to protect, I have an .htaccess file:
AuthName "UID and PWD Required."
require group member-users
The .htpasswd file was created with the htpasswd utility, and contains the user name / hash:
And I've set up a group file, .htgroup:
I understand I don't need the group if I don't want it...
Anyway, doesn't work, I can waltz on in to the directory without a PWD/UID.
Is there something I'm missing? Do I need to make changes to httpd.conf?