Exclude folder from htpasswd

apache .htaccess .htpasswd
Plasticated picture Plasticated · Mar 25, 2012 · Viewed 14.1k times · Source

I need to password protect a website with a username/password but need to keep the "/assets" folder accessible as files like images/css are being embedded on other sites.

I have this for the protection:

Order Allow,Deny
AuthType Basic
AuthName "Password"
AuthUserFile /var/www/.htpasswd
Require valid-user
Satisfy Any

How can I specify to protect everything bar the /assets folder?

Answer

David Wolever picture David Wolever · Mar 25, 2012

You'd use, in a .htaccess file in the assets/ directory:

Satisfy Any
Order Allow,Deny
Allow from all

See the examples here: http://httpd.apache.org/docs/2.2/mod/core.html#require

Related questions

How to write "if...else" mod_rewrite statements in .htaccess

I've scoured StackOverflow for an answer to this and seen many questions come close, but nothing is working for me yet. I'd like to have my .htaccess apply different rules based on the domain calling it. Basically, if subdomain.example.…

Read More
Apache 2.4 "..authentication failure..:Password Mismatch"

I am running Apache 2.4 in Windows Server 2008 R2. I am attempting to password protect a subdirectory and successfully did so in Apache 2.0. After upgrading I took Apache's advice and am attempting to put the authentication config in httpd.config. I …

Read More
How do I figure out what user & group Apache is running as?

On DreamHost shared hosting, I'm setting up htpasswd, but Apache does not have permission to read the file. How do I give it permission? I want to either change the owner or group of the .htpasswd file instead of giving …

Read More