Home / server / Questions / 1001968
Accepted
TmCrafz
Asked: 2020-02-06 15:05:42 +0800 CST

Authentication in .htaccess file for sub directories

  • 772

I have the following structure:

_auth/
   ->.htpasswd
website1/
website2/
website3/
.htaccess

I want to add a AuthType Basic to my .htaccess in root directory, so that webiste1/ and website2/ require authentification and website3/ should be still accessible without. All three websites have there own domain.

I tried:

<directory "/website1">
AuthType Basic
AuthName "Protected Area"
AuthUserFile "_auth/.htpasswd"
Require valid-user
</directory>

<directory "/website2">
AuthType Basic
AuthName "Protected Area"
AuthUserFile "_auth/.htpasswd"
Require valid-user
</directory>

But its not working

.htaccess

1 Answers

  1. Best Answer

    You can't use <Directory> containers in .htaccess files. (The .htaccess file itself is essentially a directory container and directory containers cannot be nested.)

    Assuming you're on Apache 2.4 and /website1 and /website2 appear as part of the requested URL-path, then you can use an Apache Expression.

    For example:

    <If "%{REQUEST_URI} =~ m#^/(website1|website2)/#">
    AuthType Basic
    AuthName "Protected Area"
    AuthUserFile "_auth/.htpasswd"
    Require valid-user
</If>

    Note that the file-path _auth/.htpasswd is seen as relative to the defined ServerRoot. You should otherwise specify an absolute filesystem path, such as:

    AuthUserFile "/abs/path/to/_auth/.htpasswd"
    • 1