Sebastian
Reputation: 923
Apache Basic Auth only for Requests with URL Path
I'd like to get Basic Authentication for everything except requests from a certain IP Range and URLs that have a URL Path. (In my scenario these always end with .html)
The IP Range works fine, but I can't get requests to go threw that end with .html. For example:
http://subdomain.domain.com/test.html or http://subdomain.domain.com/test/test.html
should be allowed without authentication, while
should be denied.
This is the Basic Auth block in my .htaccess:
SetEnvIf Request_URI ".html$" auth=1
Order deny,allow
Deny from all
AuthType Basic
AuthUserFile /path/to/.htpasswd
AuthName "Login"
require valid-user
Allow from 123.456.78 env=auth
Satisfy Any
Upvotes: 1
Views: 1534
Answers (1)
anubhava
Reputation: 786349
You need 2 different Allow lines:
SetEnvIf Request_URI "\.html$" NO_AUTH
AuthType Basic
AuthUserFile /path/to/.htpasswd
AuthName "Login"
require valid-user
Satisfy Any
Order Deny,Allow
Deny from all
Allow from 123.456.78
Allow from env=NO_AUTH
Upvotes: 2
Related Questions
- How to make Basic Auth exclude a rewritten URL
- Excluding a specific URL from HTTP Basic Auth - mod_rewrite causing problems
- htaccess exclude multiple url from Basic Auth
- htaccess exclude one url from Basic Auth
- htaccess File Basic Auth applying to other pages
- Apache basic authentication except for those Allowed
- HTTP Basic Authentication for specific domain
- .htaccess - Disable basic auth for specific path
- Use basic auth for different URIs in a .htaccess file
- Using Basic Authentication (htaccess) to restrict access to a specific URL