1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 11:09 am May 1, 2026

Forum Moderators: phranque

Message Too Old, No Replies

htaccess unprotect one directory

500 Internal Error on htaccess

         

j_a_c_k

9:04 pm on Dec 9, 2016 (gmt 0)

10+ Year Member



Using Apache/2.4.18 (Ubuntu)
My in-house site is protected by a single .htaccess file in my root directory.
It looks like this:
AuthUserFile /var/security/mysite/.htpasswd
AuthGroupFile /var/security/mysite/.htgroups
AuthType Basic
AuthName "Mysite Secure"
require group associates

It works as expected, to require userID and password to access any file on the site.
I now have a need to allow public, unrestricted, access to a new directory that I call show. I can find no clear example of what I need and where I need to place it to make this directory brows-able by all. There are countless snippets saying just use this
Allow from all
I tried putting this statement in an htaccess file in the show directory, it results in a 500 Internal Server Error.
Does there need to be more than these three words to make an htaccess file?
Another common suggestion says use this:
<Directory "/var/www/mysite/public_html/show">
Allow from all
Satisfy Any
</Directory>
But does not say where this should be placed;
- in the root Directory?
- in the show directory?
I have tried both, both result in a 500 error

It seems that htaccess is very mysterious and no clear documentation exists. Even the Apache site is simply a list of examples without a discussion of how it works and what are the rules.

robzilla

10:58 pm on Dec 9, 2016 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Could it be as simple as: 

<Directory "/var/www/mysite/public_html"> 
AuthUserFile /var/security/mysite/.htpasswd 
AuthGroupFile /var/security/mysite/.htgroups 
AuthType Basic 
AuthName "Mysite Secure" 
Require group associates 
</Directory> 
<Directory "/var/www/mysite/public_html/show"> 
Require all granted
</Directory>

(in your root .htaccess file)

keyplyr

12:53 am on Dec 10, 2016 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Or use specific htaccess for each directory

lucy24

1:39 am on Dec 10, 2016 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



both result in a 500 error

It's possible--though it is not an appealing possibility--that your host didn't bother to install mod_compat when moving to 2.4. If so, 2.2 locutions such as Allow/Deny won't work.

If the overall htaccess says "Require suchandsuch", use the same syntax in the inner directory. Just change it to
:: shuffling papers ::
Require all granted
or whatever variant best suits your purposes. (I assume, for example, that you don't want to let literally everyone in. You're still blocking malign robots, right?)

j_a_c_k

4:57 pm on Dec 12, 2016 (gmt 0)

10+ Year Member



I first checked and compatibility is indeed installed; however the "It could be as simple as" example above failed.

Here is how I finally got it to work.
I reverted to my original htaccess in the root to restore authentication to the whole site.
That is without the <Directory> tags:

AuthUserFile /var/security/mysite/.htpasswd
AuthGroupFile /var/security/mysite/.htgroups
AuthType Basic
AuthName "Mysite Secure"
require group associates

I then placed only this
Require all granted
in the show directory's htaccess and it all worked as needed.

Your post was quite helpful.
Thank You Very Much!
If anyone comes across an "htaccess for dummies" document that does not just show examples without any real documentation of how it all works, please send it my way.
Jack
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 11:09 am May 1, 2026