I have a webserver that is completely locked down with Basic Auth
<Location />
AuthType Basic
# [...] rest of basic auth stuff
require valid-user
order deny,allow
deny from all
Satisfy any
</Location>
One subdirectory is accessible without auth:
<Location /public>
allow from all
Satisfy any
</Location>
This is working fine. Now I want to allow access without login to some scripts that are accessed with mod_rewrite:
RewriteRule ^phonebook/show/(.+)$ /quicksearchShow.php?uid=$1 [NC]
RewriteRule ^phonebook/(.+)$ /quicksearch.php?s=$1 [NC]
RewriteRule ^phonebook$ /quicksearch.php [NC]
Some ways I tried:
<Location ~ "/phonebook*">
Allow from all
Satisfy Any
</Location>
<Location /phonebook>
Allow from all
Satisfy Any
</Location>
<LocationMatch "^phonebook.*">
Allow from all
Satisfy Any
</LocationMatch>
None of these options work. I assume because /phonebook is not an actual directory on the server. So I tried some variants of the <Files> directives:
<FilesMatch "/quicksearch.*">
Allow from all
Satisfy Any
</FilesMatch>
<FilesMatch "^quicksearch.*">
Allow from all
Satisfy Any
</FilesMatch>
<Files "quicksearch.php">
Allow from all
Satisfy Any
</Files>
But no luck either.
So, how do I set options for a specific "virtual" directory that is mapped via mod_rewrite?
So, I kinda gave up on this approach. I created a subdirectory "phonebook", moved the files in there and added this to the apache config:
This works, but I was unable to get it working without the directory existing on the filesystem.