With Apache2 how may I require a valid user for every page except these special pages which can be seen by anybody?
Thanks in advance for your thoughts.
Update in response to comments; here is a working apache2 config:
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
Order allow,deny
allow from all
</Directory>
# require authentication for everything not specificly excepted
<Location / >
AuthType Basic
AuthName "whatever"
AuthUserFile /etc/apache2/htpasswd
Require valid-user
AllowOverride all
</Location>
# allow standard apache icons to be used without auth (e.g. MultiViews)
<Location /icons>
allow from all
Satisfy Any
</Location>
# anyone can see pages in this tree
<Location /special_public_pages>
allow from all
Satisfy Any
</Location>
From serverfault
matt wilkie
-
this should do a trick:
<Location / > AuthType Basic AuthName "whatever" AuthUserFile /etc/apache2/htpasswd Require valid-user AllowOverride all </Location> <Location /yourspecial> allow from all Satisfy Any </Location>satisfy any is the cruicial one..
matt wilkie : except `satisfy` is not valid for `` :( pQd : @matt wilkie - believe me or not - this is tested working config.matt wilkie : @pQd hmm, it appears in this instance the documentation is wrong. Thanks for the helpmatt wilkie : sorry, I have to retract the accepted answer status. I thought it was working but when I went to a different machine the "popup auth dialog first then show the special page" behaviour reasserted itself.pQd : did you checked what happens at http level [ with fiddler of wireshark ]? are you sure it's not a problem of missing / at the end of url?matt wilkie : I've updated the question to include full details of my current setupFrom pQd -
How could these direction be adapted for .htaccess?
How would a rule for a specific root FILE be adapted to .htaccess?
joschi : Create a new question.From oh me
0 comments:
Post a Comment