I'm trying to setup a .htaccess file which will allow users to bypass the password block if they come from a domain which does not start with preview. e.g. http://preview.example.com would trigger the password and http://example.com would not.
Here's what I've got so far:
SetEnvIfNoCase Host preview(.*\.)? preview_site
AuthUserFile /Users/me/.htpasswd
AuthGroupFile /dev/null
AuthType Basic
AuthName "Development Area"
Require valid-user
Order deny,allow
Allow from 127
deny from env=preview_site
Satisfy any
Any ideas?
You where almost there, a couple of points:
Your regex though valid, also matches when preview in somewhere else in the URL (eg. test.preview.example.com). The following only matches if the URL starts with "preview."
The order needs to change to "Allow,Deny", because you want mod_access to fail when both Deny and Allow statements match. After mod_access fails the mod_auth will be called because of the "Satify Any".
So this should provide the behavior you are looking for: