I am able to password protect directories via the htaccess file at the root of my site (I have to use one htaccess file in my site root because of my CMS). The issue I'm having is assigning users to each directory I want to protect. I can create multiple users and password protect multiple directories, but any user will work for any protected directory. For example:
example.com/section-one should be private and accessed by user "one".
example.com/section-two should be private and accessed by user "two".
However any user will work on either section and once users log into one they have access to the others without being asked for a password. I know it is an issue with my htaccess file. I tried using but can't seem to figure out the formatting. All the information online shows how to do this for files, but directories just isn't as easy to find help on.
I am using this:
<IfModule mod_authn_file.c>
SetEnvIf Request_URI "^/section-one.*$" private
AuthName "Password Needed"
AuthGroupFile /dev/null
AuthType Basic
AuthUserFile /www/server/.htpasswd
Require user one
Order Deny,Allow
Deny from env=private
Satisfy any
</IfModule>
<IfModule mod_authn_file.c>
SetEnvIf Request_URI "^/section-two.*$" private
AuthName "Password Needed"
AuthGroupFile /dev/null
AuthType Basic
AuthUserFile /www/server/.htpasswd
Require User two
Order Deny,Allow
Deny from env=private
Satisfy any
</IfModule>
.htaccess files are used for applying specific configuration directives to the directories in which they are located. It is not possible to use one .htaccess file to specify different configurations for different directories. You either need to put your access controls in the server/vhost configuration file or use one .htaccess per directory.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With