Menu
We have this workflow: Development is done on dev.example.com Changes are committed to SVN, then exported to live site. Live site is at www.example.com
I want to password protect dev.example.com, but if I do it with .htaccess, we will be using the same .htaccess at live site and it will get password protected too.
We are using Dreamhost shared hosting, I have SSH access, but I can not edit Apache's configuration .conf files.
We don't want to have separate .htaccess files for dev&live and ignore .htaccess in SVN because updates are done to .htaccess as well.
So what should I do?
817
If mod_setenvif is enabled on the server, you could add this to your .htaccess file:
SetEnvIfNoCase ^HOST$ .+ unauthenticated SetEnvIfNoCase ^HOST$ ^dev\.example\.com$ !unauthenticated AuthType Basic AuthName "Secured" AuthUserFile /path/to/.htpasswd Require valid-user Order allow,deny Allow from env=unauthenticated Satisfy any What this basically does is it sets an environment variable called "unauthenticated" but unsets it if the HOST (the host requested by the browser) is exactly "dev.example.com". In the Directory directive, the "satisfy any" tell Apache to allow the request if any one of the conditions are met. This means that on "dev.example.com", the environment variable won't be set and as such, you'll be required a password. For any other hosts, the variable will be set so Apache won't ask for credentials.
66
You could ignore .htaccess, keeping it out of your repository entirely. Then just have two different .htaccess files on each server. Because they're ignored, they won't get overwritten in the SVN update.
31
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
