I need to restrict access by password to my web root apache test server (ie http://localhost) but allow access to subfolders (ie: http://localhost/testsite)
I did create the .htpasswd and .htaccess, and put the .htaccess to web root (http://localhost) so when trying to access web root, it asks for user and pass, but so does in subfolders (ie: trying to access http://localhost/testite)
I want to be asked for password on web root, but not on subfolders.
Is that possible?
seems like you told Apache to require a password for your web-root, but did you dell Apache to not require it for all other directories?
Inside your .htaccess (or in httpd.conf, they do the same job) you likely have something like what is below (add a pastebin link to your .htaccess file and I can make this exact):
But that will apply to all directories under that path as well. You'll need to explicitly tell Apache otherwise.
You can use regular expressions with
<DirectoryMatch "regex">to generalize this, just don't forget to guard againstasdf.com/subdir/../expressions.UPDATE: Also worth mentioning that although much of the documentation already has
<Directory[Match]>directives there are also<Location[Match]>directives that are helpful in the case of symlinks on the underlying filesystem.In Apache 2.4 we can use the LocationMatch directive and a regular expression.