Reputation: 31
RewriteCond is not considered in default WordPress htaccess
Good morning,
I have a very strange issue with the default .htaccess with WordPress.
I have a "stats" folder in the webroot which contain something else than WordPress. Usually, I can access it by doing www.example.com/stats/ on the web browser. But with one WordPress, www.example.com/stats/ is rewrited to the index.php of WordPress.
Please note that I use the defaut WordPress .htaccess which is:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
Usually, RewriteCond %{REQUEST_FILENAME} !-d should help to skip rewriting as stats is a directory. But stats still rewrite to index.php.
I already tried to add some other RewriteCond (with REQUEST_FILENAME and QUERY_STRING) to try skipping manually stats directory but it not works. Here are them (as requested on comments):
RewriteCond %{REQUEST_FILENAME} !^stats$
RewriteCond %{REQUEST_FILENAME} !^stats/$
RewriteCond %{REQUEST_FILENAME} !^/stats/$
RewriteCond %{QUERY_STRING} !stats
RewriteCond %{QUERY_STRING} !^stats/$
RewriteCond %{QUERY_STRING} !^/stats/$
RewriteCond %{QUERY_STRING} !stats(.*)
Both are not working.
As requested in comment also, I tried to rename stats to another name. And it works with the name stats2. But I still want to use stats as folder name.
Note that it is not a caching issue.
Inside the folder stats, there is a .htaccess:
AuthType Basic
AuthName "Members Only"
AuthUserFile /var/www/clients/client0/web1/web/stats/.htpasswd_stats
require valid-user
Note that the folder stats is managed by ISPConfig.
Any idea to check? Thanks in advance.
Upvotes: 1
Views: 264
Answers (2)
Reputation: 45914
Instead of modifying the root .htaccess file, it may be preferable to simply disable the rewrite engine in the /stats/.htaccess file. Since mod_rewrite is not inherited (by default) this should prevent the WordPress front-controller in the root .htaccess file being processed.
For example, in /stats/.htaccess:
RewriteEngine Off
AuthType Basic
: etc.
Upvotes: 0
Reputation: 31
Found the issue!!!
In general, Apache does the rewrite phase before the authorization phase, which is why your code performs the rewrite without ever asking for user to authenticate. https://stackoverflow.com/a/13295036/7664726
I had to add it to the .htaccess in the website root:
RewriteCond %{LA-U:REMOTE_USER} !^$
So my final .htaccess is this:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{LA-U:REMOTE_USER} !^$
RewriteRule . /index.php [L]
</IfModule>
Thanks to add peoples in comment section helping me solve this issue.
Upvotes: 1
Related Questions
- RewriteCond not matching?
- .htaccess RewriteRule Not Working on Wordpress
- htaccess RewriteCond does not work
- RewriteCond doesn't match properly on .htaccess
- .htaccess RewriteCond not working
- rewritecond not working for existing files
- HTACCESS not working with rewriteCond
- Apache mod_rewrite | RewriteCond doesn't work
- RewriteCond of htaccess is not working properly
- WordPress .htaccess not working for rewriterule