Hi,
I would need to protect a whole website with .htaccess with the exception of one directory. I have tried doing this, but I cannot seem to be able to leave this one directoy accessible. Can somebody help here please?
Thanks,
Adrien
Adrien,
Please describe your file structure for us to determine what you’re asking about.
I’m sure that this can be done using mod_rewrite BUT the HOW is determined by the physical location of the WHAT which was left unstated.
Regards,
DK
Hi dklynn,
My root, ie what people see when they type http://www.example.com is /var/www/html/. I would like to protect all files and folders in my root with the exception of /test/, ie /var/www/html/test/.
I hope this is clearer.
frodo,
You really can’t protect a higher level directory (DocumentRoot) without that protection extending to its subdirectories. Okay, you CAN but, because of the hierarchical nature of .htaccess, I’d use $_SESSION with PHP.
Let’s see, though. With mod_rewrite, you COULD add this to your DocumentRoot’s .htaccess file and see what happens:
RewriteEngine on
RewriteCond %{REQUEST_URI} !^test/
RewriteRule .? - [F]
That SHOULD look to see whether the URI started with test/ and, if not, FAIL every request.
Regards,
DK
Hi dklynn,
Thanks for your help. Reading your code I am not sure how I would allow legitimate (and authenticated) traffic through.
Adrien
frodo,
Hmmm, changing the specification on me, are you? You wanted to eliminate ALL access EXCEPT to test and that’s what the above code does. Therefore, if you want to add authentication on the test directory, that’s another question, mod_auth_basic.
Regards,
DK