Solved

Apache Module mod_auth exceptions

Posted on 2013-01-14
10
355 Views
Last Modified: 2013-02-01
Hi E's, I have a sub-domain where I use Apache Module mod_auth inside a .htaccess.
I have this code:
AuthName "/"
AuthUserFile "/home/pedro/.htpasswds/public_html/biblioteca/passwd"
AuthType Basic
require valid-user

Open in new window

The code above will request always a login in every part of the site.
What I want to know it is if can have some exceptions. For example, if I can give access without login for 2 or 3 files, how I do? It's possible protect entire system and give some exceptions?

The best regards. JC
0
Comment
Question by:Pedro Chagas
  • 3
  • 2
10 Comments
 
LVL 16

Accepted Solution

by:
grahamnonweiler earned 300 total points
ID: 38775817
In normal circumstances you would do the opposite of what you are asking:

                   Allow access to all - but - Restrict access on a specifc folder/directory

Currently your .htaccess is in the root, so it restricts access to everything under it (including sub-folders).

You would be better to place all the files you want to allow general access to in the root, then create a sub-folder, with your .htaccess in it, and place all restricted content (including any sub-folders) there.
0
 
LVL 26

Expert Comment

by:arober11
ID: 38786658
You can add a Files, or FilesMatch block to the .htaccess file, to lift the restriction for certain requests e.g.

<Files "public_file.html">
    Order allow,deny
    Allow from all
    Require any
</Files>

Open in new window

0
 
LVL 3

Author Comment

by:Pedro Chagas
ID: 38786679
Hi @arober11, let me see if I understand, because seems a good solution.
For example, if I want unprotected the file "../folder1/index.php" and the file "../folder1/process.php" how I use your code?
And how is the structure of code between my startup code and this change?

The best regards, JC
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 26

Expert Comment

by:arober11
ID: 38790469
Stick the following in the folder1 .htacess file:

<Files ~ "(index|process)\.php">
    Order allow,deny
    Allow from all
    Require any
</Files>

Open in new window

0
 
LVL 3

Author Comment

by:Pedro Chagas
ID: 38792710
Hi, I create a .htaccess file in the folder where are the php files that I want unprotect. But have a strange behavior. When I open the php files in folder, they still continue request the user name and the password, and the strange is my user name and my password not unlock the system.
Should not open the file system (in this case process.php and index.php) without asking credentials?

I have my own library, where I put new knowledge in informatics, the place is http://rdsrc.us/HWSzkM . Sometimes I need to unlock some files (temporary), for example to show here in 'experts exchange'. For each new tutorial I create a new folder that will contain the files, and sometimes I need to unlock the access to that files to 'experts' see.

But, your solution do not unlock the system for access to that specific files.

I hope you can give me the right solution.

~JC
0
 
LVL 3

Author Comment

by:Pedro Chagas
ID: 38792788
Even, the solution can be other. If it more easy and logical, I can create access for specific files, giving a new password and user name to the visitors, just to determined files, and maintain my personal user name and password for the rest of the system.

~JC
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Any business that wants to seriously grow needs to keep the needs and desires of an international audience of their websites in mind. Making a website friendly to international users isn’t prohibitively expensive and can provide an incredible return…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
The viewer will learn how to count occurrences of each item in an array.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now