Reputation: 826
HTTP Basic Auth Exclude Single File
Part of my .htaccess file looks like this-
AuthUserFile /path/to/.htpasswd
AuthName "Authorization Required"
AuthType Basic
require valid-user
Doing that requires the Basic HTTP authentication for the entire directory and the directories below it as well. However, I have a single file within that root directory, thubservice.php, that should not require the HTTP authentication.
From what I have seen, I need to use <FilesMatch />, but I cannot figure out the pattern to match all but that given file.
Upvotes: 28
Views: 17239
Answers (2)
Reputation: 1066
With Apache 2.4 you may want to use Require instead:
<Files "thubservice.php">
Require all granted
</Files>
In 2.2, access control based on client hostname, IP address, and other characteristics of client requests was done using the directives Order, Allow, Deny, and Satisfy.
In 2.4, such access control is done in the same way as other authorization checks, using the new module mod_authz_host. The old access control idioms should be replaced by the new authentication mechanisms, although for compatibility with old configurations, the new module mod_access_compat is provided.
Upvotes: 2
Reputation: 993
AuthUserFile /path/to/.htpasswd
AuthName "Authorization Required"
AuthType Basic
require valid-user
<Files "thubservice.php">
Satisfy Any
Allow from all
</Files>
Upvotes: 48
Related Questions
- Excluding a specific URL from HTTP Basic Auth - mod_rewrite causing problems
- htaccess exclude multiple url from Basic Auth
- Restrict acess Basic Auth to all but one file+query string
- htaccess exclude one url from Basic Auth
- Cannot exclude route from http basic auth
- htaccess exclude file require auth
- .htaccess - Disable basic auth for specific path
- Apache Basic Auth only for Requests with URL Path
- How to make Basic Auth exclude a rewritten URL
- Exclude one file from password protection in .htaccess