As accurate answers still not showing up, I had to take the alternative to remove index.php
from http://example.com/index.php/admin
Below is my code at the top of .htaccess file
RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_URI} !^/index.php/admin/
RewriteRule ^index.php/(.*) $1 [R=301,QSA,L]
I have written below code at the bottom of .htaccess file
<Files admin>
AuthUserFile /var/www/magento/.htpasswd
AuthName "Private access"
AuthType Basic
require user dummyuser
</Files>
Problem: Currently it successfully blocked the URL
http://example.com/admin
but not http://example.com/index.php/admin
.
Also index.php
is removed from http://example.com/index.php/admin
but not from http://example.com/index.php/admin/
with /
I am using Magento 1.9.2.4
Best Answer
You should be able to do this using the combination of mod_env and the
Satisfy any
directive. You can useSetEnvIf
to check against theRequest_URI
, even if it's not a physical path. You can then check if the variable is set in anAllow
statement. So either you need to log in with password, or theAllow
lets you in without password: