In the last blog post,we had discussed how you can password protect all of the directories on your web server.In this post,we will share how you can exclude some of the directories and keep others with password protection.
# password protection allowing directory and file access AuthType Basic AuthName "Restricted Area" AuthUserFile /home/path/.htpasswd AuthGroupFile /dev/null Require valid-user SetEnvIf Request_URI "(path/to/directory/)$" allow SetEnvIf Request_URI "(path/to/file\.php)$" allow Order allow,deny Allow from env=allow Satisfy any
In the above piece of codes,we have highlighted the lines which are required to enable some of the directories on your web hosting server to be opened without any password protection.
Below is the explaination:
SetEnvIf Request_URI "(path/to/directory/)$" allow
In this line, we have mentioned the specified URL request as an allow variable.This line essentially instructs to the web server, “associate the specified URL (i.e., path/to/directory/) with an allow variable.”
This line specifies the order in which access parameters will be evaluated. In this case, we want to consider allowed access before denied access.
Allow from env=allow
In this line, we are telling Apache to allow access to any resource associated with an allow variable.
This line instructs the Apache server to apply the directives for any condition in which the specified parameters have been satisfied.