Enabling basic auth in apache user directory from Directory context instead of .htaccess file

Question

I've enabled Apache user directories on my Ubuntu server. User can now load their /home/username/public_html directory from the browser by visiting http://example.com/~username.

I'm trying to password protect these directories. I was able to get it to work fine using an .htaccess file, but I would prefer to enabled authentication from the Directory context. This is my configuration file for the user directory module, located at /etc/apache2/mods-enabled/userdir.conf:

<IfModule mod_userdir.c>
        UserDir public_html
        UserDir disabled root

        <Directory /home/*/public_html>
                AuthType Basic
                AuthName Private
                Authuserfile /etc/apache2/.htpasswd
                Require valid-user

                Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
                <Limit GET POST OPTIONS>
                        Require all granted
                </Limit>
                <LimitExcept GET POST OPTIONS>
                        Require all denied
                </LimitExcept>
        </Directory>
</IfModule>

When I navigate my browser to one of the user directories, it does not even prompt me for a credentials. When I switch back to the .htaccess method, it works correctly.

I have reloaded apache after every change I make to the user directory configuration file. Why isn't authentication working from the Directory context?

Answer 1

Put the authentication directives to a separate Location directive, like this:

<IfModule mod_userdir.c>
    <Location ~ "/~.*">
        AuthType Basic
        AuthName Private
        Authuserfile /etc/apache2/.htpasswd
        Require valid-user
    </Location>
</IfModule>

This will enable password authentication for every path starting with "/~".