Jump to content

  • Log in with Facebook Log in with Twitter Log In with Google      Sign In   
  • Create Account

Subscribe to HRA Now!

 



Are you a Google Analytics enthusiast?

Share and download Custom Google Analytics Reports, dashboards and advanced segments--for FREE! 

 



 

 www.CustomReportSharing.com 

From the folks who brought you High Rankings!



Photo
- - - - -

.htacess File Prompting For Password Before Redirecting


  • Please log in to reply
1 reply to this topic

#1 JeremyH

JeremyH

    HR 5

  • Active Members
  • PipPipPipPipPip
  • 367 posts
  • Location:San Diego

Posted 06 August 2012 - 04:56 PM

In my root directory I have an .htaccess file that redirects non-www traffic to www traffic:

/root/public/.htaccess

RewriteEngine On
RewriteBase /

RewriteCond %{HTTP_HOST} !^(www\.example\.com)?$ [NC]
RewriteRule (.*) http://www\.example\.com/$1 [R=301,L]

I am trying to password protect my /admin/ folder and have created its own .htaccess file:

/root/public/admin/.htaccess

AuthUserFile /root/private/.htpasswd
AuthType Basic
AuthName "Admin"
Require valid-user

The problem is if I go to "example.com/admin/" I get prompted for my password, then redirected to www.example.com/admin/ where it prompts me for my password a second time.

I'd like to do two things:
1 - Make it so if I go to "example.com/admin/" it first redirects me to "www.example.com/admin/" and then prompt me for my password.
2 - Combine these two .htaccess files in one if possible and advisable.

Any help is greatly appreciated.

#2 chrishirst

chrishirst

    A not so moderate moderator.

  • Moderator
  • 6,833 posts
  • Location:Blackpool UK

Posted 09 August 2012 - 08:51 AM

A .htaccess redirect creates a second (internal) HTTP request to the server so .htaccess is read twice in this case, also .htaccess affects ALL the subfolders of the folder it is placed in. Therefore a "root" .htaccess applies to the entire physical structure.

A: Add a negative rewrite condition to exclude the admin folder and subfolders from the redirect

RewriteEngine on
RewriteCond %{REQUEST_URI}!^/admin/
# ^^^^ says "If the requested URI does NOT start with /admin/ redirect it.
RewriteRule (.*) http://www.site.tld/$1 [R=301,L]


B: Put the authorisation in the root .htaccess file

AuthType Basic
AuthName "WhatEver"
AuthUserFile /home/user/siteroot/admin/.htpasswd
# ^^^^^^^^^^^^^^ this needs to be the PHYSICAL path to the folder
require valid-user


You can find the physical path with phpinfo() and locate the "DOCUMENT_ROOT" value

By the way you don't need both of those. A or B should do what you need.

Edited by chrishirst, 09 August 2012 - 08:49 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

SPAM FREE FORUM!
 
If you are just registering to spam,
don't bother. You will be wasting your
time as your spam will never see the
light of day!