I used basic authentication (username and password) to protect access to the typo3 directory on my site. When a visitor uses the search function, they are prompted for authentication by the search results page. This is due to the fact their are graphics in the typo3 directory that are being returned along with the search results. Is it a bad idea to restrict access to the typo3 directory? Is there a fix to pull the graphics from a different location, such as fileadmin? I looked around in the search scripts, but didn't find anything obvious.

thanks,

Terry

Terry,
There are several extensions that ship with the TYPO3 core, included Indexed Search. These extensions live at typo3/sysext/ (in contract to the extensions you install that live at typo3conf/ext/).

If you turn off authentication for typo3/sysext/ will that allow the images to pass through or will they still get caught by the higher level authentication?

Thanks,
Jeff

Thank you for your response. Unfortunately the way apache works, accesses get caught by the higher level authentication.

Is there a directory below typo3 that I could restrict access to and still have the same protection as restricting typo3, or is restricting access to typo3 a bad idea in general?

Terry,

In general, as you suggest, it is a bad idea to add an apache username and password to the TYPO3 directory. That will keep forcing the request for a username and password whenever there is an access to a file there. What was your goal in doing this?

In Him,
Mark