htaccess password protect files with different users

apache .htaccess authentication .htpasswd

Tony Brix · Sep 26, 2013 · Viewed 10.7k times · Source

I have a files server and I use mod_autoindex to server the files. I have a username and password in htaccess so only certain people can access the files. I have added another user to htpasswd but I would only like that user to access some of the files/folders.

Here is my htaccess file now:

AuthType Basic
AuthName "restricted"
AuthUserFile E:\\path\\to\\.htpasswd

<Files "filesForAnyUser\\*">
  Require valid-user
</Files>

<Files "*">
Require user admin
</Files>

I'm sure I am doing something wrong but I can't find any good documentation on this.

Answer

If you have a folder called "filesForAnyUser" and a folder where you have files only for admin, you need to make 2 htaccess files. One in "filesForAnyUser":

AuthType Basic
AuthName "restricted"
AuthUserFile E:\\path\\to\\.htpasswd
Require valid-user

And one in the other directory:

AuthType Basic
AuthName "restricted"
AuthUserFile E:\\path\\to\\.htpasswd
Require user admin

htaccess password protect files with different users

Answer

Related questions