diff --git a/backuppc/files/backuppc-httpd.conf b/backuppc/files/backuppc-httpd.conf
new file mode 100644
index 0000000..9b77f24
--- /dev/null
+++ b/backuppc/files/backuppc-httpd.conf
@@ -0,0 +1,7 @@
+<Directory /usr/share/BackupPC/sbin/>
+  AllowOverride AuthConfig
+</Directory>
+
+Alias       /BackupPC/images /usr/share/BackupPC/html/
+ScriptAlias /BackupPC        /usr/share/BackupPC/sbin/BackupPC_Admin
+ScriptAlias /backuppc        /usr/share/BackupPC/sbin/BackupPC_Admin
diff --git a/backuppc/files/htaccess b/backuppc/files/htaccess
new file mode 100644
index 0000000..8add902
--- /dev/null
+++ b/backuppc/files/htaccess
@@ -0,0 +1,5 @@
+AuthType Basic
+AuthUserFile /etc/BackupPC/apache.users
+AuthName "BackupPC"
+
+require valid-user
diff --git a/backuppc/manifests/init.pp b/backuppc/manifests/init.pp
index b33269a..0e4bff4 100644
--- a/backuppc/manifests/init.pp
+++ b/backuppc/manifests/init.pp
@@ -83,7 +83,17 @@ class backuppc::server {
 
     apache::configfile { "BackupPC.conf":
         http    => false,
-        content => template("backuppc/BackupPC.conf.erb"),
+        source  => "puppet:///modules/backuppc/backuppc-httpd.conf",
+        require => Package["BackupPC"],
+    }
+
+    file { "/usr/share/BackupPC/sbin/.htaccess":
+        ensure  => present,
+        mode    => 0644,
+        owner   => "root",
+        group   => "root",
+        source  => [ "puppet:///files/backuppc/htaccess",
+                     "puppet:///modules/backuppc/htaccess", ],
         require => Package["BackupPC"],
     }
 
@@ -94,6 +104,15 @@ class backuppc::server {
         group   => $apache::sslserver::group,
         require => Package["BackupPC"],
     }
+
+    file { "/etc/BackupPC/apache.users":
+        ensure  => present,
+        mode    => 0640,
+        owner   => "root",
+        group   => $apache::sslserver::group,
+        require => Package["BackupPC"],
+    }
+
     file { "/etc/BackupPC/config.pl":
 	ensure  => present,
 	source  => "puppet:///files/backuppc/config.pl",
diff --git a/backuppc/templates/BackupPC.conf.erb b/backuppc/templates/BackupPC.conf.erb
deleted file mode 100644
index 1fe8f21..0000000
--- a/backuppc/templates/BackupPC.conf.erb
+++ /dev/null
@@ -1,26 +0,0 @@
-<Directory       /usr/share/BackupPC/sbin/>
-# BackupPC requires valid authentication in order for the web interface to
-# function properly.  One can view the web interface without authentication
-# though all functionality is disabled.
-# 
-# htpasswd -c /etc/BackupPC/apache.users yourusername
-# 
-
-#order deny,allow
-#deny from all
-#allow from 127.0.0.1
-#AuthType Basic
-#AuthUserFile /etc/BackupPC/apache.users
-#AuthName "BackupPC
-
-<%= backuppc_auth %>
-
-<% backuppc_adminusers.each do |user| -%>
-require user <%= user %>
-<% end -%>
-
-</Directory>
-
-
-Alias           /BackupPC/images        /usr/share/BackupPC/html/
-ScriptAlias     /BackupPC               /usr/share/BackupPC/sbin/BackupPC_Admin