Welcome to WebmasterWorld Guest from 34.229.24.100

Forum Moderators: Ocean10000 & phranque

Message Too Old, No Replies

.htaccess to authorize only 1 file

     
2:51 pm on Dec 2, 2003 (gmt 0)

New User

10+ Year Member

joined:Dec 2, 2003
posts:5
votes: 0


Hello,

I need to configure my .htacces to:
- Authorize access to /index.php file for anybody
- Limit the other files from the / directory to valid users controled by login/password
(this is for maintenance purpose)

I can not manage to do this!

Can you please help me?

Regards

7:25 pm on Dec 2, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


Nico100,

Welcome to WebmasterWorld [webmasterworld.com]!

As stated in our Charter [webmasterworld.com], we try not to write people's code here, but this thread [webmasterworld.com] may give you a good place to start.

Jim

12:47 am on Dec 3, 2003 (gmt 0)

New User

10+ Year Member

joined:Dec 2, 2003
posts:5
votes: 0



AuthName "Acces Restreint"
AuthType Basic
AuthUserFile "/.htpassword"
Require valid-user

This controls access to all files


<File /index.php>
Allow from all
Require None
Satisfy Any
</File>

This should authorize access to /index.php

Does not work! :(
Is it at least possible?

12:51 am on Dec 3, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


nico100,

Try:
<Files>
...
</Files>

<edit> Also, you may need an Order directive. </edit>

Jim

1:03 pm on Dec 3, 2003 (gmt 0)

New User

10+ Year Member

joined:Dec 2, 2003
posts:5
votes: 0



<Files "/index.php">
Allow from all
Require None
Satisfy Any
</Files>

Order allow,deny
AuthName "Acces Restreint"
AuthType Basic
AuthUserFile "/.htpassword"
Require valid-user

If I use:
Order allow,deny
it returns:
You don't have permission to access /index.php on this server.

If I use:
Order deny,allow
it asks for login/password for all files (even /index.php)

:((

7:27 pm on Dec 3, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


nico100,

Try something like this:


AuthUserFile /.htpass[b]wd[/b]
AuthGroupFile /dev/null
AuthName "Acces Restreint"
AuthType Basic
Satisfy any
Require valid-user
#
SetEnvIf Request_URI ^/index\.php public
#
<Files *>
Order Deny,Allow
Allow from public
</Files>

or maybe this would work:


AuthUserFile /.htpass[b]wd[/b]
AuthGroupFile /dev/null
AuthName "Acces Restreint"
AuthType Basic
Require valid-user
#
<Files /index.php>
Satisfy any
Order Deny,Allow
Allow from all
</Files>

I'd bet on the first version one, though, because authorization is the first thing the server looks at in an .htaccess context, and it may be too late to modify authorization (with 'Satisfy') by the time it processes <Files>.

I haven't tested either of these, but derived them from the thread I cited above in post #2.

Also, note that I've used the standard password-file name, so that later viewers of this thread won't be confused. You should continue to use your customized name, though.

Jim