[thelist] .htaccess Help: Password protection
Eduardo Kienetz
eduardok at gmail.com
Tue Jun 27 20:00:58 CDT 2006
On 6/27/06, Gina Anderson <gina at sitediva.com> wrote:
> Thanks Eduardo! I tried it, but it doesn't seem to work for me. I'm sure I
> have a syntax issue or something. Could you help a bit further? First,
> here's the .htaccess file:
>
> ~~~~~~~~~~~~~~~~~~~~~~~
> DirectoryIndex login.html
>
> RewriteEngine on
> RewriteCond %{HTTP_REFERER} !^$
> (More stuff here)
> RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ (a url here) [R,NC]
>
> AuthType Basic
>
> AuthName "Restricted Area"
>
> AuthUserFile "/home/myusername/.htpasswds//passwd"
>
> require valid-user
>
>
> <Files "login.html">
> satisfy any
> </Files>
> ~~~~~~~~~~~~~~~~~~~~~~~~
>
> Is something out of whack? When I enter "http://www.mydomain.com", the
> user/pass box comes up, instead of login.html. If I sign in first with the
> user/pass, and then enter the url, I am presented with "login.html' as
> default. But the server still doesn't recognize that login.html doesn't need
> protection.
>
> What am I missing?
>
> Thanks so much!
> Gina
Here is the closest I got to that on my quick tests:
DirectoryIndex login.html
<Files "login.html">
satisfy any
</Files>
<FilesMatch "\.(png|php)$">
AuthType Basic
AuthName "Restricted Area"
AuthUserFile "/home/eduardo/.htpasswd"
require valid-user
</FilesMatch>
Note that it will allow only login.html with no password and only ask
for password when .php and .png. This means it would allow access for
foo.html abcd.dwg, etc.
But I believe you can go on now and create a regular expression that
matches your needs.
And remember you must allow override to the DirectoryIndex (by adding
the following 'Indexes' to the Directory directive):
<Directory "/var/www/htdocs/teste">
AllowOverride AuthConfig Indexes
</Directory>
Best regards,
--
Eduardo Bacchi Kienetz
LPI Certified - Level 2
http://www.noticiaslinux.com.br/eduardo/
More information about the thelist
mailing list