mod_rewrite and protected subdirectories

Forum Moderators: phranque

Message Too Old, No Replies

mod_rewrite and protected subdirectories

Yurodivy

4:39 pm on Sep 21, 2005 (gmt 0)

Greetings all!

I've run into a little issue trying to get mod_rewrite to play nicely with a password-protected subdirectory I have set up.

In the root directory of my site, I have the following .htaccess file:


# DirectoryIndex index.php index.html
# Options +FollowSymLinks
# RewriteBase /relative/web/path/
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^(.+) - [PT,L]
RewriteRule ^(.*) index.php
</IfModule>

...And here's the .htaccess file in the password protected directory of my site.


AuthUserFile "/home/path/.htpasswds/members/passwd"
AuthName "Members Only Section"
AuthType Basic
<Limit GET POST>
require valid-user
</Limit>

Unfortunately, when I try to access the "members" section of my site, the rewrite is working so well that it just redirects to the index located in the root directory.

Any tips or solutions you can provide would be sincerely appreciated!

Yurodivy

5:01 pm on Sep 21, 2005 (gmt 0)

Is there a way to exclude the /members subdirectory from the rewrite rule so that the .htaccess file in that subdirectory will operate as intended? If so, what would that look like code-wise?

jdMorgan

5:17 pm on Sep 21, 2005 (gmt 0)

Yurodivy,

Welcome to WebmasterWorld!

A negative-match RewriteCond added to the beginning of the ruleset would do it:


RewriteCond %{REQUEST_URI} !^/members/
...

For more information, see the documents cited in our forum charter [webmasterworld.com] and the tutorials in the Apache forum section of the WebmasterWorld library [webmasterworld.com].

Jim

jdMorgan

5:21 pm on Sep 21, 2005 (gmt 0)

Ah, I see that you are actually using a negative-logic construct, so you'd need a positive match instead:


RewriteCond %{REQUEST_URI} ^/members/ [OR]

This will make the first rule match, and bypass the second rule which rewrites to your script.

Jim

Yurodivy

5:39 pm on Sep 21, 2005 (gmt 0)

Thanks for such a prompt reply.

To confirm, here's what my root .htaccess file looks like now...


# DirectoryIndex index.php index.html
# Options +FollowSymLinks
# RewriteBase /relative/web/path/
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/members/ [OR] 
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^(.+) - [PT,L]
RewriteRule ^(.*) index.php
</IfModule>

Unfortunately, I'm still seeing the same behavior as before: the /members subdirectory is still being subjected to the rewrite...

Yurodivy

4:30 pm on Sep 22, 2005 (gmt 0)

Is there any additional info I could provide to outline this issue any further. Again, I'm pretty much stuck.

jdMorgan

7:13 pm on Sep 22, 2005 (gmt 0)

Sorry for the delay. This is not a 'busy' forum with a lot of contributors, so answers may take take awhile.

Did you flush your browser cache after changing the code?

Jim

Yurodivy

8:08 pm on Sep 22, 2005 (gmt 0)

Ahh, understood.

Cache cleared but still the same behavior.

Is there a way to turn off Rewrite in the subdirectory I'm attempting to password-protect? I tried a simple Rewrite Off in there, but that didn't help either.

Or maybe instead of a catch-all sort of set up, perhaps I could specifically designate which get subjected to the rewrite rule?

FYI, this has to do with an installation of Textpattern on an Apache server.

<snip>

[edited by: jdMorgan at 1:31 am (utc) on Sep. 23, 2005]
[edit reason] Removed URLs per TOS. [/edit]

jdMorgan

1:32 am on Sep 23, 2005 (gmt 0)

> I tried a simple Rewrite Off

I assume you mean you tried "RewriteEngine off"...?

Jim

Yurodivy

2:00 am on Sep 23, 2005 (gmt 0)

Yep.