Forum Moderators: phranque
i have a htaccess file in my root dir which redirects from non www to www.
now i want to create a dir that is password protected. it does work but only if i type the url with www, w/out i get a 401 error. also it doesn't work in safari, just in firefox.
what i want is that i would just have to enter domain.com/dir and this should redirect to www.domain.com/dir.
what am i doing wrong?
here's my root htaccess code:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^example.com
RewriteRule (.*) http://www.example.com/$1 [R=301,L]RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^(.+) - [PT,L]
RewriteRule ^(.+) index.php
RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR]
RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR]
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR]
<snip>
RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus
RewriteRule . abuse.txt [L]
and here from the pw dir:
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule ^(.*)$ http://example.com/mary/pepper/tillkruess/downloads/tracker.php?url=http://%{HTTP_HOST}%{REQUEST_URI}&force;[L]AuthType Basic
AuthName "Restricted Area"
AuthUserFile "/home/example/.htpasswds/public_html/d/passwd"
require valid-user
[edited by: jdMorgan at 2:12 pm (utc) on Aug. 15, 2009]
[edit reason] snipped code dump, switched to example.com [/edit]
See the following Apache directives:
SetEnvIf (mod_setenvif)
Order (mod_access)
Allow from env= (mod_access)
Satisfy any (core)
Basically, you allow access if the user is logged-in OR if the user requests the 'wrong' domain. But if the user requests the wrong domain, he/she will be immediately redirected to the correct domain, where login is always required. This method is necessary because otherwise, mod_auth always takes precedence over most other Apache modules, including mod_rewrite.
Also see the Apache authentication/authorization tutorial for examples.
Jim
