.htaccess AuthUserFile and AuthGroupFile


#1

Your help would be much appreciated. When I transferred my Joomla site to Dreamhost a year ago, I did not make changes to my .htaccess file. While looking at the file today, I noticed the following (below in BOLD, but I included more lines in case someone would need to see them):

AuthName mywebsitename.com
AuthUserFile /home/myusername/public_html/_vti_pvt/service.pwd
AuthGroupFile /home/myusername/public_html/_vti_pvt/service.grp

[code]
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} ^/(stats|failed_auth.html).*$ [NC]
RewriteRule . - [L]

RewriteEngine on

-FrontPage-

IndexIgnore .htaccess /.?? *~ *# /HEADER /README /_vti

#The next line modified by DenyIP order allow,deny #The next line modified by DenyIP #deny from all allow from all order deny,allow deny from all AuthName mywebsitename.com AuthUserFile /home/myusername/public_html/_vti_pvt/service.pwd AuthGroupFile /home/myusername/public_html/_vti_pvt/service.grp

<Files 403.shtml>
order allow,deny
allow from all

default Joomla

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/index.php
RewriteCond %{REQUEST_URI} (/|.php|.html|.htm|.feed|.pdf|.raw|/[^.])$ [NC]
RewriteRule (.
) index.php
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]

############### upload size maximum size of 2 meg

LimitRequestBody 2097152

############### END of upload size maximum size

#
#php_flag register_globals off
#

AddType application/x-httpd-php52 .php

[/code]

The AuthUserFile and AuthGroupFile paths do not exist on my DH account. Also, the files refer to myusername which no longer exists. My question is:

Are these lines/files important? I do not know why they are there. The files refer to Frontpage, but I do not know what Frontpage is or if it is something needed by Joomla. Does anyone know why those lines are there and if I need them?

I am concerned that there may be a security issue. Additionally, if you happen to notice anything out of sorts, your guidance would be appreciated.

Thank you so much for your help!


#2

Those lines are specific to Microsoft FrontPage Server Extensions, which has been obsolete since around 2006. They do not affect the security of your site in any way - you can safely remove them.


#3

Thank you for your time and reply, Andrew F