CODEWITHSUNDEEP
apache.htaccesscodeigniter
Tom
Tom

Reputation: 336

Remove .htaccess password protection from specific controller

I have a CI project all protected by .htaccess password. The .htaccess password protection is set from the root folder. But since it provides an API to mobile apps, a specific controller has to be un-protected for that purpose so that mobile can communicate with that one specific controller.

What would be the best way to do it?

I tried adding the following in the main .htaccess which is in the root folder.

<Files "/home/path/to/project/root/my_specific_controller">
  Allow from all
  Satisfy any
</Files>

And also tried the following .htaccess to put in the controller folder itself.

<Files "my_specific_controller"> # this is the name of my CodeIgniter controller
  Allow from all
  Satisfy any
</Files>

Neither of these two works. Thanks for any help.

The main .htaccess file in the root folder is like this now:

RewriteEngine On
RewriteBase /project/

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

#RewriteRule ^(.*)$ index.php/$1 [L]
RewriteRule ^(.*)$ index.php/$1 [L]

<Files "/home/path/to/project/root/my_specific_controller">
  Allow from all
  Satisfy any
</Files>


AuthType Basic
AuthName "Pswd Protected Area"
AuthUserFile /home/path/to/project/root/.htpasswd
Require valid-user

Upvotes: 0

Views: 904

Answers (1)

natemcmaster
natemcmaster

Reputation: 26813

Checkout this example of allowing single URLs. http://css-tricks.com/snippets/htaccess/allow-single-url/ Although this snippet is aimed at different testing environments, it shows how to allow specific requests based on the URL, not the file location on the server.

Upvotes: 3

Related Questions