I am working on a WordPress site, and my pages are using a permalink structure that mod_rewrites them to look like directories. For a few pages I want to use Basic Authentication to password protect a few of the pages. How would I write this in my .htaccess file? Am I protecting the file, or the rewritten address?
Leave a Reply
You must be logged in to post a comment.
You won’t need mod_rewrite for this, hopefully, this should do the trick:
The mod_auth and mod_env modules should have precidence over mod_rewrite, so your fake directory structure should stay the same. You’d just need to fill out a
SetEnvIfNoCase Request_URI ^/some/path/to/protect require_auth=true
for each one, then fill out the rest of the auth stuff to suit your needs.The only problem I have with this solution is that clicking the cancel button will show the protected page. I tried to solve this by using:
But that didn’t work. I’m not sure why.
To solve the problem quick and dirty I added
To create a redirect I used this
For those who came here with same problem as me, with .htaccess like this
rules above are not working as I expected (authorize, then rewrite)
thanks to comment from Alek to point that out
so when I removed IfModule brackets, the rules have begun to work for me.