I have setup a multi directory plain web application that need authentication only for root directory. All other sub directory I need to allow without password.
I have setup HTTP Basic Authentication using .htaccess and .htpasswd. These files are placed in root directory of web. My issue is, sub directories are automatically inheriting the authentication.
I just need to apply this only for root and keep all subdirectory opened. How can I do it?
My .htaccess file contents are below.
AuthType Basic
AuthName "Secure Portal"
AuthUserFile /webroot/.htpasswd
Require valid-user
Best Answer
You can't do this (easily) with a .htaccess file as the directives in the .htaccess apply to the directory and all directories below it
I guess you could add a .htaccess to each subdirectory that overrides the restriction in the document root.