Apache2文件认证指令

使用/ var / www / docs作为根文档的Web服务器 . / var / www使userInfo.php文件只能通过身份验证才能生成，但无需authenticate即可访问 . 有问题的文件是userInfo.php目录/ var / www通过身份验证进行保护，但可以在没有密码的情况下访问特定文件 . Files指令是否正确？操作系统：Ubuntu 14.04; Apache是Web服务器

这是位于/ etc / apache2 / sites-available /中的000-default.conf

<VirtualHost *:80>
  ServerAdmin webmaster@localhost
  ServerName <servername>
  RewriteEngine On
  RewriteCond %{HTTPS} off
  RewriteCond %{REQUEST_URI} !^\/share\/
  RewriteRule (.*) http(s)://%{HTTP_HOST}:443%{REQUEST_URI} 
  DocumentRoot /var/www/

  <Directory />
    Options FollowSymLinks
    AllowOverride All
    AuthType Digest
    AuthName "documentroot"
    AuthDigestProvider file
    AuthUserFile /etc/apache2/htpasswd
    Require user <username>
  </Directory>

  <Directory /var/www/>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride None
    Order allow,deny
    allow from all
  </Directory>

  <Files /var/www/userInfo.php>
    AuthType Digest
    AuthName "User Info"
    AuthDigestDomain /var/www/userInfo.php https://<servername>/userInfo.php
    AuthDigestProvider file
    AuthUserFile /etc/apache2/htpasswd
    Require valid-user
    SetEnv R_ENV "/var/www/userInfo.php"
  </Files>

  ErrorLog /var/log/apache2/error.log

  # Possible values include: debug, info, notice, warn, error, crit,
  # alert, emerg.

  LogLevel warn

  CustomLog /var/log/apache2/access.log combined

  <Directory /var/www/docs>
    AuthType Digest
    AuthName "docs"
    AuthDigestDomain /var/www/docs/ http://<servername>/docs
    AuthDigestProvider file
    AuthUserFile /etc/apache2/htpasswd
    Require valid-user
    SetEnv R_ENV "/var/www/docs"
  </Directory>
</VirtualHost>

<VirtualHost *:443>
  ServerAdmin webmaster@localhost
  ServerName <servername>
  SSLEngine on
  SSLCertificateFile /etc/docs/ssl/cert.pem
  SSLCertificateKeyFile /etc/docs/ssl/key.pem

  DocumentRoot /var/www/

  <Directory />
    Options FollowSymLinks
    AllowOverride All
    AuthType Digest
    AuthName "documentroot"
    AuthDigestProvider file
    AuthUserFile /etc/apache2/htpasswd
    Require user <username>
  </Directory>

  <Directory /var/www/>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride None
    Order allow,deny
    allow from all
  </Directory>


  <Files /var/www/userInfo.php>
    AuthType Digest
    AuthName "User Info"
    AuthDigestDomain /var/www/userInfo.php https://<servername>/userInfo.php
    AuthDigestProvider file
    AuthUserFile /etc/apache2/htpasswd
    Require valid-user
    SetEnv R_ENV "/var/www/userInfo.php"
  </Files>

  ErrorLog /var/log/apache2/error.log
  # Possible values include: debug, info, notice, warn, error, crit,
  # alert, emerg.
  LogLevel warn

  CustomLog /var/log/apache2/access.log combined
  <Directory /var/www/docs>
    AuthType Digest
    AuthName "docs"
    AuthDigestDomain /var/www/docs/ https://<servername>/docs
    AuthDigestProvider file
    AuthUserFile /etc/apache2/htpasswd
    Require valid-user
    SetEnv R_ENV "/var/www/docs"
  </Directory>
</VirtualHost>

ports.conf：

# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default
# This is also true if you have upgraded from before 2.2.9-3 (i.e. from
# Debian etch). See /usr/share/doc/apache2.2-common/NEWS.Debian.gz and
# README.Debian.gz

#NameVirtualHost *:80
Listen 80

<IfModule mod_ssl.c>
    # If you add NameVirtualHost *:443 here, you will also have to change
    # the VirtualHost statement in /etc/apache2/sites-available/default-ssl
    # to <VirtualHost *:443>
    # Server Name Indication for SSL named virtual hosts is currently not
    # supported by MSIE on Windows XP.
    #NameVirtualHost *:443
    Listen 443
</IfModule>

<IfModule mod_gnutls.c>
    Listen 443
</IfModule>

有什么建议 ？干杯 .