Apply HTTP Basic authentication only to root directory

apache-2.2http-basic-authentication

I have setup a multi directory plain web application that need authentication only for root directory. All other sub directory I need to allow without password.

I have setup HTTP Basic Authentication using .htaccess and .htpasswd. These files are placed in root directory of web. My issue is, sub directories are automatically inheriting the authentication.

I just need to apply this only for root and keep all subdirectory opened. How can I do it?

My .htaccess file contents are below.

AuthType Basic
AuthName "Secure Portal"
AuthUserFile /webroot/.htpasswd
Require valid-user

Best Answer

You can't do this (easily) with a .htaccess file as the directives in the .htaccess apply to the directory and all directories below it

.htaccess files (or "distributed configuration files") provide a way to make configuration changes on a per-directory basis. A file, containing one or more configuration directives, is placed in a particular document directory, and the directives apply to that directory, and all subdirectories thereof

I guess you could add a .htaccess to each subdirectory that overrides the restriction in the document root.

Related Solutions

Centos – WebDAV on CentOS – getting 403 error when attempt to upload

I recently struggled with the same problem on my Fedora 10 system. In my case the culprit was some odd redirection that I was doing in Apache. Specifically, I use a content management system (Drupal, to be exact) that within it's .htaccess includes the following redirection logic to redirect missing files to a PHP script:

# Rewrite URLs of the form 'x' to the form 'index.php?q=x'.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]

It makes sense that the above only affects the PUT method since in that case REQUEST_FILENAME does not exist.

Not having the WebDAV area inside of the Drupal area, which seems like a reasonable constraint, fixes the problem.

Also, I think it is likely that SELinux would result in a different error, but it's not mentioned in the discussion above. Did you try disabling SELinux?

Debian – Apache + LDAP Auth: access to / failed, reason: require directives present and no Authoritative handler

Your 'Require' line reads

Require ldap-group cn=CHANGED, cn=CHANGED

That doesn't look write - I don't believe you can have have two cn's in a DN like that.

Best Answer

Related Solutions

Centos – WebDAV on CentOS – getting 403 error when attempt to upload

Debian – Apache + LDAP Auth: access to / failed, reason: require directives present and no Authoritative handler

Related Topic