If I password protect a directory using .htaccess, does Apache have a way to log successfull/unsuccessful logins to the directory or do I have to use a separate script? Ideally, I'd like to keep track of HTTP_USER_AGENT, originating IPs, and what username/passwd they're using if they're not getting in. .tony