We use cookies to help make our site work properly and to analyze how our site is used. Some are optional, but none contain your personal information, and we don't use any for ads. You can view our cookies policy, manage your cookie preferences, or consent and dismiss this banner by clicking agree:

Agree
ExpressionEngine CMS
Open, Free, Amazing

Thread

This is an archived forum and the content is probably no longer relevant, but is provided here for posterity.

The active forums are here.

.htaccess for password protected folder

April 24, 2008 12:19am

Subscribe [1]

  • #1 / Apr 24, 2008 12:19am

    Cheif

    626 posts

    Hi all,
    Have a wee curly issue here at the moment and hopefully a genius will shine light and make feel daft….

    I use the .htaccess rule to remove the index.php from URI
    I have a folder deeper down the tree that uses it’s own .htaccess file to require a password to gain access to its content.

    With the site “on” (control panel) It doesnt work: I get to the folder without a security pop up asking my name and pass and my index page (no 404 defined)

    Turn the site “off” (control panel) It works: Up pops the window asking four user/pass…this is totally separate to my EE install as I use these folders for clients who bypass the site all together (http://www.mysite.com/clients/client01)


    Now I’m not big on php, let alone .htaccess files but I realise there is a conflict somewhere and dont know where to find it (In the .htacess file for the protected directory I have added

    # rewrite rules
RewriteEngine Off

    and still doesnt work

    Any help, light, inspiration anyone can offer is greatly appreciated

    Moved to Howto

  • #2 / Apr 24, 2008 3:48am

    George Ornbo

    272 posts

    You can exclude that folder from the rule that directs everything to index.php

    Something like

    # This excludes the folder /foo from the rule
RewriteCond %{REQUEST_URI} !^/foo(.*)$ 
# And redirect everything else to index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L]

    Then you would just need another .htacess file in /foo to password protect it, but I think you’ve got that

  • #3 / Apr 24, 2008 4:04am

    Cheif

    626 posts

    OK, your suggestion has not worked (at least by my implementation)

    .htaccess file at site root

    # rewrite rules
    RewriteEngine On

    # This excludes the folder /foo from the rule
    RewriteCond %{REQUEST_URI} !^/Clients(.*)$

    # ditch index.php
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)$ index.php/$1 [L]

    Folder structure:
    root>public_html>Clients>Foo

    I figured I would “exempt” the parent folder “Clients” rather than specify any further down the tree.

    As I said, works when site is turned “off” so file inside “protected folder works… have I missed something simple *crosses fingers*

  • #4 / Apr 24, 2008 11:13am

    Cheif

    626 posts

    Cannot believe how busy these forums are.

.(JavaScript must be enabled to view this email address)

ExpressionEngine News!

#eecms, #events, #releases

© Packet Tide, All Rights Reserved. Legal Notices

Username

Password

Forgot password?
or Register