Apache: protect whole website with pasword excluding one(2,3) URLs

Posted on 2008-10-17
Medium Priority
Last Modified: 2010-03-04
Hi experts!

I have a problem, i need to protect whole website with password excluding few URLS.

Basically i have:

<Directory /var/www/vhosts/dev.tda>
        AuthType Basic
        AuthName "Authorisation required"
        AuthUserFile /var/www/vhosts/dev.tda/conf/htpasswd
        Require user dev

and i need, let's say url "/api/apipoint1" to be accessible without apache prompting for password

the thing is, that i rewrite URL so "/api/apipoint1" doesn't  match any file on filesystem

Can anyone help?
Question by:7workers
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 27

Expert Comment

ID: 22744858
> the thing is, that i rewrite URL

Where? Server-context or directory context?

A possible solution could be a location container with the satisfy directive
<Location /api/apipoint1>
Satisfy any

Open in new window


Accepted Solution

7workers earned 0 total points
ID: 22774052
> caterham_www

I rewrite URLs for whole website.


<Location /api/apipoint1>
Satisfy any

Doesn't work
LVL 27

Expert Comment

ID: 23137544
> Doesn't work

I can't reproduce. The following works for me (/foo/bar accessible w/o a prompt for a password).
RewriteEngine on
RewriteRule ^/foo/bar /test/test.php [L]
<Directory /var/www/test>
 AuthName "testerei-wq:wq"
 AuthName "testerei"
 AuthType Basic
 AuthUserFile /var/www/test/.htpasswd
 Require valid-user
<Location /foo/bar>
 Satisfy any

Open in new window


Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction As you’re probably aware the HTTP protocol offers basic / weak authentication, which in combination with the relevant configuration on your web server, provides the ability to password protect all or part of your host.  If you were not…
If you've heard about htaccess and it sounds like it does what you want, but you're not sure how it works... well, you're in the right place. Read on. Some Basics #1. It's a file and its filename is .htaccess (yes, with a dot in the front). #…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
Suggested Courses
Course of the Month10 days, 4 hours left to enroll

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question