Multiple RewriteConditions in Apache .htaccess configuration issue

Question

I'm trying to rewrite URLs that don't exist to use my index.php file while also appending the HTTP:Authorization environment variable to my script. So far I've only been able to get one or the other working at a time. Not both. Can someone tell me where is the error in my .htaccess?

RewriteEngine on

# Get HTTP authorization
RewriteCond %{HTTP:Authorization} ^Basic.*

# Append to URL
RewriteRule (.*) index.php?_auth=%{HTTP:Authorization} [QSA,L]

# If a directory or a file exists, use it directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

# Otherwise forward it to index.php
RewriteRule (.*) index.php?_auth=%{HTTP:Authorization} [QSA,L]

Olaf Dietsche · Accepted Answer

First of all, your .htaccess works fine in my test environment. I get the _auth argument with every request.

But you don't need all these RewriteConds, just one RewriteRule

RewriteRule .* index.php?_auth=%{HTTP:Authorization} [QSA,L]

This will rewrite all requests to index.php, adding the authorization header as an _auth argument.

If you want only non-existing URLs to be rewritten with an _auth argument, just prepend the RewriteConds to the RewriteRule. If caching is an issue in your case, add the RewriteCond HTTP:Authorization as well

RewriteEngine on

RewriteCond %{HTTP:Authorization} ^Basic
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php?_auth=%{HTTP:Authorization} [QSA,L]

Multiple RewriteConditions in Apache .htaccess configuration issue

Answers (2)

Related Questions