I have the following site configuration
<Location />
AuthUserFile /path/.htpasswd
AuthName "Restricted Area"
AuthType Basic
require valid-user
</Location>
which restricts access to all locations. Now I want to exclude say media/
<Location /media>
Require all granted
</Location>
and also upload/
which is in another directory
Alias /upload/files/ /another/path/upload/files/
<Directory "/another/path/upload/files/">
Options None
AllowOverride None
ForceType text/plain
Require all granted
</Directory>
Unfortunately it still prompts me for authentication.
You can add the exceptions in the following way:
After the configuration is applied the apache service must be restarted.
As Location /media came after Location /, it inherited roots AuthType. You should be able to overrule it:
I found a way to accomplish this
There might be other options.