Solved

Apache: protect whole website with pasword excluding one(2,3) URLs

Posted on 2008-10-17
3
251 Views
Last Modified: 2010-03-04
Hi experts!

I have a problem, i need to protect whole website with password excluding few URLS.

Basically i have:

<Directory /var/www/vhosts/dev.tda>
        AuthType Basic
        AuthName "Authorisation required"
        AuthUserFile /var/www/vhosts/dev.tda/conf/htpasswd
        Require user dev
</Directory>

and i need, let's say url "/api/apipoint1" to be accessible without apache prompting for password

the thing is, that i rewrite URL so "/api/apipoint1" doesn't  match any file on filesystem

Can anyone help?
0
Comment
Question by:7workers
  • 2
3 Comments
 
LVL 27

Expert Comment

by:caterham_www
Comment Utility
> the thing is, that i rewrite URL

Where? Server-context or directory context?

A possible solution could be a location container with the satisfy directive
<Location /api/apipoint1>

Satisfy any

</Location>

Open in new window

0
 

Accepted Solution

by:
7workers earned 0 total points
Comment Utility
> caterham_www

I rewrite URLs for whole website.

So

<Location /api/apipoint1>
Satisfy any
</Location>

Doesn't work
0
 
LVL 27

Expert Comment

by:caterham_www
Comment Utility
> Doesn't work

I can't reproduce. The following works for me (/foo/bar accessible w/o a prompt for a password).
RewriteEngine on

RewriteRule ^/foo/bar /test/test.php [L]
 

<Directory /var/www/test>

 AuthName "testerei-wq:wq"

 AuthName "testerei"

 AuthType Basic

 AuthUserFile /var/www/test/.htpasswd

 Require valid-user

</Directory>
 

<Location /foo/bar>

 Satisfy any

</Location>

Open in new window

0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Suggested Solutions

As Wikipedia explains 'robots.txt' as -- the robot exclusion standard, also known as the Robots Exclusion Protocol or robots.txt protocol, is a convention to prevent cooperating web spiders and other web robots from accessing all or part of a websit…
If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now