We help IT Professionals succeed at work.
Get Started

Allowing paypal to bypass password protection in .htaccess

Last Modified: 2016-03-24
I have a password protected ecommerce site. I am having difficulty with my .htaccess file allowing Paypal to send back the IPN. (I did learn that I needed the site to have SSL - so got that installed.)

Here is what I am using.

#allow access from paypal only
SetEnvIf Referer "^https://www\.paypal\.com" auth_referral
Order Allow,Deny
Deny from all

AuthType Basic
AuthName "FRBSF"
AuthUserFile "/path/to/my/.htpasswds/public_html/passwd"
Require valid-user
Allow from paypal.com
Allow from env=auth_referral
Satisfy any

Open in new window

I've tried dozens of combinations of code over the past 4 days and I end up with either the password protection not working and PayPal IPN working fine or vice versa. I need them both to work ASAP!

I've also tried using SetEnvIf HOST.

Thanks in advance!
Watch Question
Top Expert 2004
This problem has been solved!
Unlock 1 Answer and 14 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE