08-02-2006, 09:44 AM
Quote:One of the most pervasive myths around Apache is that password protection means .htaccess, and vice versa. While not entirely false, this belief is misleading, and often leads to configurations that are unnecessarily complex and slow. Apache itself may be guilty of confusing users by virtue of the naming scheme: the similarly-named htpasswd and htdigest programs are indeed concerned with password protection.
To understand the role of .htaccess, we need to take a look at Apache configuration. The majority of Apache's configuration can be set per-directory, so that http://www.example.com/example/ may behave entirely differently to http://www.example.com/, etc. This is based on thecontainer in httpd.conf, and its cousins , , etc. Password protection is just one of many aspects of configuration that can be determined per-directory...
full article: http://www.regdeveloper.co.uk/2006/08/01/apache_undead/