Any idea why this configuration in
/etc/apache2/sites-available/000-default.conf does not expire after 15 seconds?
<Directory /var/www/html/somedirectory/> AuthName 'test' AuthType Digest AuthDigestDomain / AuthDigestProvider file AuthUserFile /var/login/anotherdirectory/.htdigest AuthDigestNonceLifetime 15 Require valid-user </Directory>
Note that I put this configuration block outside of a virtualhost so it will apply for both HTTP and HTTPS ports. I am testing on an IP address and not a domain name. I don’t really see the point of AuthDigestDomain but I think setting it to / is fine, I saw it in some examples.
I am using Debian 9.9 with Apache 2.4.25-3+deb9u7.