.htaccess:order not allowed here

Question

I am trying to put authentication for accessing my document root directory in apache2... Here's my config file

<VirtualHost *:80>

        ServerAdmin webmaster@localhost
        AccessFileName .htaccess
        DocumentRoot /home/user/workspace
        <Directory />
                Options FollowSymLinks
                AllowOverride None.htaccess
        </Directory>
        <Directory /home/vishu/workspace>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride AuthConfig
                Order allow,deny
                allow from all
        </Directory>
......
......

</VirtualHost>

here's my .htaccess file in /home/user/workspace folder:

<FilesMatch >
.....
</FilesMatch>

    AuthType Basic
    AuthName "MY ZONE"
    #AuthBasicProvider file
    AuthUserFile /home/vishu/workspace/passwordfile
    AuthGroupFile /dev/null
    Require valid-user
.....
...

Apache gives .htaccess:order not allowed here error and I am getting 500 error from browser.

Answer 1

Have a look at your AllowOverride directives. I had this problem too but the following config work for me:

<Directory /var/www/>
    Options Indexes FollowSymLinks
    AllowOverride AuthConfig Limit
    Require all granted
</Directory>

AllowOverride All will probably also work, just depends on how much you want to allow.

Check out these two links for more info:

https://drupal.org/node/10133

http://httpd.apache.org/docs/2.2/howto/auth.html