mikikg
Reputation: 1503
CodeIgniter protect admin controller with .htaccess
I need to setup .htaccess rules in order to protect admin controller in CodeIgniter.
In .htaccess already have rules for friendly URLs like this:
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L]
How to add additional rules to protect all under /admin/ folder (controller) with Digest authentication?
I have tried various combinations but none works correct. Here are some rules which I tried just to get clues what I'm looking for:
# set an environtment variable "doauth" if the request starts with "/admin/"
SetEnvIf Request_URI ^/admin/ doauth=1
AuthType Digest
AuthName "Admin Protected Area"
AuthUserFile /hta/.htdigest
# Here is where we allow/deny
Order Allow,Deny
Allow from all
Require valid-user
Deny from env=doauth
Satisfy any
Upvotes: 0
Views: 1439
Answers (1)
anubhava
Reputation: 785481
Try this code for controlling access to your admin controller:
SetEnvIfNoCase Request_URI "^/admin/" doauth
AuthType Digest
AuthName "Admin Protected Area"
AuthUserFile /hta/.htdigest
Require valid-user
Satisfy any
Order allow,deny
Allow from all
Deny from env=doauth
Upvotes: 2
Related Questions
- Codeigniter authentication before every controller and action
- allow authentication for a specific controller in codeigniter using .htaccess
- codeigniter: protect controller with htaccess
- CodeIgniter restricted page for admin users only
- CodeIgniter and htaccess - Protect a specific controller and its methods via AuthType?
- CodeIgniter authenticate the user in every Controller
- Remove .htaccess password protection from specific controller
- CodeIgniter only allow access to certain controllers when logged in
- Protect Codeigniter application during development
- Safe authentication in codeigniter