OK, I have an area on my wordpress site, home/gallery/test and I want to restrict access to it using .htaccess. Setting up authentication for a directory using .htaccess is pretty straightforward. But my problem in wordpress is that home/gallery/test doesn’t actually exist as a directory anywhere because I’m using pretty URLs.
So, while I can stick the authentication block in the .htaccess located in the home directory, this then requests authentication for the entire site. I am at a loss to know where to locate the .htaccess file to limit access to just home/gallery/test.
Any thoughts? Can I set something up in the home directory .htaccess file to understand that it isn’t the entire site but just the home/gallery/test URL that I want to protect?
For information, here’s the contents of my htaccess file (updated to include the suggested solution).
SetEnvIfNoCase Request_URI "^/home/gallery/test$" protected
AuthType Basic
AuthName "Forbidden"
AuthUserFile /home/xxxxx/.htpasswd
Require valid-user
Order allow,deny
Allow from all
Deny from env=protected
Satisfy any
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} ^/(failed_auth.html).*$ [NC]
RewriteRule . - [L]
</IfModule>
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
There is a solution using
mod_setenvifEDIT: taking your htaccess code into consideration, it should look like this