.htacess file prompting for password before redirecting

Forum Moderators: phranque

Message Too Old, No Replies

.htacess file prompting for password before redirecting

ocon

12:10 am on Aug 6, 2012 (gmt 0)

In my root directory I have an .htaccess file that redirects non-www traffic to www traffic:

/.htaccess

RewriteEngine On
RewriteBase /

RewriteCond %{HTTP_HOST} !^www\.example\.com$ [NC]
RewriteRule (.*) http://www\.example\.com/$1 [R=301,L]

I am trying to password protect my /admin/ folder and have created its own .htaccess file:

/admin/.htaccess

AuthUserFile /path/to/non/public/file/.htpasswd
AuthType Basic
AuthName "Admin"
Require valid-user

The problem is if I go to "example.com/admin/" I get prompted for my password, then redirected to "www.example.com/admin/" where it prompts me for my password a second time.

I'd like to do two things:

1 - Make it so if I go to "example.com/admin/" it first redirects me to "www.example.com/admin/" and then prompt me for my password.

2 - Combine these two .htaccess files in one if possible and advisable.

Any help is greatly appreciated.

lucy24

12:51 am on Aug 6, 2012 (gmt 0)

One way:

%{THE_REQUEST} !admin/

et cetera. That's assuming the /admin/ folder is physically located inside the root folder. Not the URL, the real filepath.

Oh, and for an absolutely perfect www redirect you have to allow for http 1.0:

!^(www\.example\.com)?$

"exactly www.example.com or exactly nothing".

ocon

2:59 am on Aug 6, 2012 (gmt 0)

Thanks Lucy I fixed my www redirect but I'm not sure where I would put %{THE_REQUEST} !admin/.

Should I place it in the root .htaccess to prevent the redirect from affecting the admin folder?

RewriteEngine On
RewriteBase /

RewriteCond %{THE_REQUEST} !admin/
RewriteCond %{HTTP_HOST} !^www\.example\.com$ [NC]
RewriteRule (.*) http://www\.example\.com/$1 [R=301,L]

I didn't have any luck with it, and ideally I would still like the admin folder to be forced to the www subdomain too, I just don't want it to ask for the password before it redirects me so it has to ask me for it again.

lucy24

4:15 am on Aug 6, 2012 (gmt 0)

Hm. That should have worked. Is your /admin/ folder physically located inside your root folder? That is, assuming your typical shared-hosting setup:

/users/yourname/example.com/{stuff here}
/users/yourname/example.com/admin/{stuff here}

If instead it's something like

/users/yourname/admin/{stuff here}
or
/completely-different-area/yourname/admin/{stuff here}

then requests for /admin/ will never "see" the root-level htaccess. But I have to assume that /admin/ is inside your main directory, because otherwise it would never get redirected. Unless-- whoops!-- your host also has a with/without www redirect option (look in the control panel, by whatever name) and you've also set a preference there. Better go double-check. While you're at it, see if you've got any other access preferences set at this level. No point in tearing out your hair if things are happening in the config file before they ever reach your own htaccess.