Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Apache Module mod_auth exceptions

Posted on 2013-01-14
10
Medium Priority
?
367 Views
Last Modified: 2013-02-01
Hi E's, I have a sub-domain where I use Apache Module mod_auth inside a .htaccess.
I have this code:
AuthName "/"
AuthUserFile "/home/pedro/.htpasswds/public_html/biblioteca/passwd"
AuthType Basic
require valid-user

Open in new window

The code above will request always a login in every part of the site.
What I want to know it is if can have some exceptions. For example, if I can give access without login for 2 or 3 files, how I do? It's possible protect entire system and give some exceptions?

The best regards. JC
0
Comment
Question by:Pedro Chagas
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
10 Comments
 
LVL 16

Accepted Solution

by:
grahamnonweiler earned 1200 total points
ID: 38775817
In normal circumstances you would do the opposite of what you are asking:

                   Allow access to all - but - Restrict access on a specifc folder/directory

Currently your .htaccess is in the root, so it restricts access to everything under it (including sub-folders).

You would be better to place all the files you want to allow general access to in the root, then create a sub-folder, with your .htaccess in it, and place all restricted content (including any sub-folders) there.
0
 
LVL 26

Expert Comment

by:arober11
ID: 38786658
You can add a Files, or FilesMatch block to the .htaccess file, to lift the restriction for certain requests e.g.

<Files "public_file.html">
    Order allow,deny
    Allow from all
    Require any
</Files>

Open in new window

0
 
LVL 3

Author Comment

by:Pedro Chagas
ID: 38786679
Hi @arober11, let me see if I understand, because seems a good solution.
For example, if I want unprotected the file "../folder1/index.php" and the file "../folder1/process.php" how I use your code?
And how is the structure of code between my startup code and this change?

The best regards, JC
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 26

Expert Comment

by:arober11
ID: 38790469
Stick the following in the folder1 .htacess file:

<Files ~ "(index|process)\.php">
    Order allow,deny
    Allow from all
    Require any
</Files>

Open in new window

0
 
LVL 3

Author Comment

by:Pedro Chagas
ID: 38792710
Hi, I create a .htaccess file in the folder where are the php files that I want unprotect. But have a strange behavior. When I open the php files in folder, they still continue request the user name and the password, and the strange is my user name and my password not unlock the system.
Should not open the file system (in this case process.php and index.php) without asking credentials?

I have my own library, where I put new knowledge in informatics, the place is http://rdsrc.us/HWSzkM . Sometimes I need to unlock some files (temporary), for example to show here in 'experts exchange'. For each new tutorial I create a new folder that will contain the files, and sometimes I need to unlock the access to that files to 'experts' see.

But, your solution do not unlock the system for access to that specific files.

I hope you can give me the right solution.

~JC
0
 
LVL 3

Author Comment

by:Pedro Chagas
ID: 38792788
Even, the solution can be other. If it more easy and logical, I can create access for specific files, giving a new password and user name to the visitors, just to determined files, and maintain my personal user name and password for the rest of the system.

~JC
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to write a Context Sensitive Help (an online help that is obtained from a specific point in state of software to provide help with that state) ,  first we need to make the file that contains all topics, which are given exclusive IDs. …
When it comes to security, close monitoring is a must. According to WhiteHat Security annual report, a substantial number of all web applications are vulnerable always. Monitis offers a new product - fully-featured Website security monitoring and pr…
This video teaches users how to migrate an existing Wordpress website to a new domain.
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question