1

I want to deny all anonymous users by default yet allow anonymous users for a specific virtual path; the virtual path is created by a wordpress htaccess + php

Current Setup

AuthUserFile /var/www/domains/dev/.htpasswd AuthType Basic AuthName "Password Required" Require user jackson dawna Order Deny,Allow Deny from All <If "%{REQUEST_URI} =~ m#/sites/dawna/wordpress/wp-json/wp/v2/.*#"> Order Allow,Deny Allow from All Satisfy Any </If> Satisfy Any

Problem

The above code denies all users and asks for credentials. However if I switch global to Allow from All and the If to Deny from All then this works as expected, only denying the specified route

Question

How can I allow anonymous visitors to my virtual route while making everything else password protected?

Improve this question

2 Answers 2

Reset to default
0

By the sounds of it you only need to ask for authentication if the requested URL-path is not the URL-path that you want to allow public access. And simply allow access otherwise.

You are also mixing in Apache 2.2 auth directives on what would seem to be an Apache 2.4 system.

Try something like the following instead:

<If "%{REQUEST_URI} !~ m#^/this/urlpath/is/public/#"> AuthUserFile /var/www/domains/dev/.htpasswd AuthType Basic AuthName "Password Required" Require user jackson dawna </If>

The above checks that the requested URL does not start /this/urlpath/is/public/ (you were missing a start-of-string anchor ^ in your example) and only prompts for authentication if it doesn't. The default action is then to allow access (for any URL that starts with that URL-path).

Improve this answer
0

Due to the nature of the virtual path (created by wordpress) I had to use THE_REQUEST instead:

<If "%{THE_REQUEST} =~ m#^GET /sites/dawna/wordpress/wp-json/#"> Allow from All Satisfy Any </If>

The wordpress redirect uses wordpress/index.php so using the REQUEST_URI wasn't working because the uri is always /path/to/wordpress/index.php making the my if statement useless.

NOTE

If you need to support PUT's or other you'll have to add that in. [A-Z]{3} or [A-Z]{3-6} where the latter will open up to everything.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.