Hello developers, I am attempting to install a local production copy of Galaxy on an SLES 11 machine running Apache 2.2.16 and PostgreSQL. It is important that we keep our data protected via password so I am trying to use Apache's standard .htaccess for security. galaxy-dist is installed and running at /home/abrahamb2/galaxy-dist Apache's document root is /usr/local/apache/htdocs I have been successful at protecting both /usr/local/apache/htdocs and /usr/local/apache/cgi-bin using the same .htaccess file in both directory that points to /usr/local/apache/.htpasswd for a password file/ I have attempted to use this working .htaccess in /home/abrahamb2/galaxy-dist with no success. I have also modified /usr/local/apache/conf/httpd.conf to AllowOverride and specifically with the following code: <Directory "/home/abrahamb2/galaxy-dist"> Options Indexes FollowSymLinks AllowOverride AuthConfig Order allow,deny Allow from all AuthType Basic AuthName Galaxy AuthUserFile /usr/local/apache/.htpasswd Require valid-user </Directory> I previously tried to put galaxy-dist within /usr/local/apache/cgi-bin which not only failed but read on the wiki is not a great idea. Do you have any further suggestions for security configuration of this local installation? Thank you, ~Brian J. Abraham Predoctoral Bioinformatics Fellow with Boston University Lab of Molecular Immunology National Heart, Lung and Blood Institute National Institutes of Health 10 Center Drive - Room 7B20A Bethesda, MD 20892