Boian Mihailov
Reputation: 121
disable http auth for specific rewritten location
I need to setup apache to inverse match /admin location which is rewritten by default drupal htacess file. Simply ask for http auth for everything that is not /admin/*
I've tried this so far:
< LocationMatch "^/(?!admin)" >
AuthName "Members Only" AuthType Basic AuthBasicProvider file AuthUserFile /path/to/.htpasswd Require valid-user
< /LocationMatch >
Upvotes: 6
Views: 5493
Answers (1)
Jon Lin
Reputation: 143916
You can try using a SetEnvIf to check Request_URI for /admin, so you should end up with something like this:
# Set an environment variable if requesting /admin
SetEnvIf Request_URI ^/admin/? DONT_NEED_AUTH=true
# Setup your auth mechanism
AuthName "Members Only"
AuthType Basic
AuthBasicProvider file
AuthUserFile /path/to/.htpasswd
# Set the allow/deny order
Order Deny,Allow
# Indicate that any of the following will satisfy the Deny/Allow
Satisfy any
# First off, deny from all
Deny from all
# Allow outright if this environment variable is set
Allow from env=DONT_NEED_AUTH
# or require a valid user
Require valid-user
You may need to wrap that in the appropriate or tags if you are not putting this inside a .htaccess file.
Upvotes: 1
Related Questions
- Apache Deny <Location> but allow to sub Location
- Excluding a specific URL from HTTP Basic Auth - mod_rewrite causing problems
- htaccess exclude one url from Basic Auth
- Use HTTP Auth only if accessing a specific domain
- .htaccess - Disable basic auth for specific path
- Add auth to specific file with htaccess
- .htaccess Auth and exclude one location (with mod_rewrite)
- How to make Basic Auth exclude a rewritten URL
- htaccess: Conditional Authentication
- apache rewrite before authentication of location