Anyone with Apache/SSL experience care to lend a helping hand? I've got Apache compiled with mod_ssl, and it seems to be working fine. In fact, I know that part is working fine. Where my trouble lies is with forcing it to look look for the userID/password to access the directory. It allows any conenction to view the page, without prompting for userID/PW. httpd.conf points traffic for hermes.manitobamall.net to /www/htdocs/manitobamall/. Looked around for everything I could find on the 'Net, and tried all variations of examples, still the same. ____________________ /www/htdocs/test/.htaccess: AuthUserFile /www/pw/.file-password AuthGroupFile /dev/null AuthName "TestPage" AuthType Basic <Limit GET POST PUT> require user test </Limit> ___________________ /www/pw/.filepassword: test: 38sqpB6MNb7BA