So I’m attempting to write protect asset folders but allow a path to feeds that traverses the same path but are not ‘real’ directories. If you’re wondering this is for WordPress.
I attempted to do this in the .htaccess:
AuthType Basic AuthName "Restricted Area" AuthUserFile /var/www/path/.htpasswd # We are not allow group access so this is set to null AuthGroupFile /dev/null Require valid-user # allow public access to the following resources # allow access to the feeds folder SetEnvIf Request_URI "(path/to/feeds/)$" allow # allow access before we consider if access should be denied Order allow,deny # allow access for any allowed variable you've specified Allow from env=allow # allow open access to entire site for select ips and sites Allow from 184.108.40.206 Allow from example.tld # apply all matching directives. Satisfy any
Now the /path/ folder is protected by the basic authentication. The feeds are of the form http://mydomain.com/path/to/feeds. Again ‘feeds’ is not a real directory. It could also be http:/mydomain.com/path/to/feeds/atoms/other/depths/of/virtual/folders/.
First is this even possible? If so what can I do to protect the /path/ folder that has images and videos inside that are protected but allow the path to feeds without hitting the authentication?
I hope this made sense?