Question

5

Restrict access to apache2 web root but allow it to subfolders

rated 0 times [ 5] [ 0] / answers: 1 / hits: 11940 / 1 Year ago, sun, march 5, 2023, 10:19:56

I need to restrict access by password to my web root apache test server (ie http://localhost) but allow access to subfolders (ie: http://localhost/testsite)

I did create the .htpasswd and .htaccess, and put the .htaccess to web root (http://localhost) so when trying to access web root, it asks for user and pass, but so does in subfolders (ie: trying to access http://localhost/testite)

I want to be asked for password on web root, but not on subfolders.

Is that possible?

Answers

Only authorized users can answer the question. Please sign in first, or register a free account.

antebrow

Add To Favorites

Follow

Total Points: 291

Total Questions: 135

Total Answers: 117

Location: New Caledonia

Member since Thu, Mar 23, 2023

1 Year ago

answered 1 Year ago istmasted · Accepted Answer

seems like you told Apache to require a password for your web-root, but did you dell Apache to not require it for all other directories?

Inside your .htaccess (or in httpd.conf, they do the same job) you likely have something like what is below (add a pastebin link to your .htaccess file and I can make this exact):

<Directory "/www/private">

   Order allow,deny

   Allow from all



   Options Indexes

   AuthType Basic

   AuthName "Private Access"

   AuthUserFile "/www/private/.htpasswd"

   Require valid-user

</Directory>

But that will apply to all directories under that path as well. You'll need to explicitly tell Apache otherwise.

<Directory "/var/private/subdir">

    Satisfy any

</Directory>

You can use regular expressions with <DirectoryMatch "regex"> to generalize this, just don't forget to guard against asdf.com/subdir/../ expressions.

UPDATE:
Also worth mentioning that although much of the documentation already has <Directory[Match]> directives there are also <Location[Match]> directives that are helpful in the case of symlinks on the underlying filesystem.