.htaccess doesn't protect some files ??
I have a linux hosted apache 1.3.31 server. I do not have access to the servers config files but I can use .htpasswd/.htaccess to protect directories.
I am using the typical .htaccess to password protect a directory and its contents.
If I browse to the directory, I get the auth challenge (401 response)
If I browse to a *.html or *.gif file in the directory I get the auth challenge (401 response)
HOWEVER....
If I browse to a simple *.txt, *.log or file with no extension in the directory, apache serves it right up without doing the authentication.
I've tried adding directives in .htaccess like <Files></Files> and <FileMatch></FileMatch> to see if I could get it to work correctly with *.txt and *.log but no dice. It still serves them right up with no authentication challenges.
I have run a windows version of apache 1.3.31 at home and verified it doesn't behave this way out-of-the-box. I get the auth challenges no matter what I file or directory I request using the simple .htaccess setup.
