Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

.htaccess - Disable basic auth for specific path

Tags:

apache

.htaccess

I run a testsystem with a htaccess basic auth:

AuthType Basic
AuthName "Restricted Content"
AuthUserFile /var/www/html/.htpasswd
Require valid-user

I now want to disable this auth for all user who target the /api and /api/orders etc. of this server. I tried it with this:

SetEnvIf Request_URI "/api(.*)$" api_uri
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /var/www/html/.htpasswd
Require valid-user
Deny from all
Allow from env=api_uri
Satisfy any

But this does not work - mod_setenvif is enabled. Does anybody have an idea why this is not working?

Thanks!

like image 366
Torben Avatar asked Mar 10 '26 13:03

Torben

2 Answers

Have it this way:

SetEnvIf Request_URI /api api_uri

AuthType Basic
AuthName "Restricted Content"
AuthUserFile /var/www/html/.htpasswd
Require valid-user

Satisfy    any
Order      deny,allow
Deny from  all
Allow from env=api_uri
like image 120
anubhava Avatar answered Mar 12 '26 06:03

anubhava

I normally just add a separate .htaccess file inside the api folder:

Satisfy any
like image 42
Álvaro González Avatar answered Mar 12 '26 07:03

Álvaro González
Sign in to Comment

Related questions

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!