Jump to content

  • Log in with Facebook Log in with Twitter Log In with Google      Sign In   
  • Create Account

Subscribe to HRA Now!


Are you a Google Analytics enthusiast?

Share and download Custom Google Analytics Reports, dashboards and advanced segments--for FREE! 




From the folks who brought you High Rankings!

- - - - -

.htacess File Prompting For Password Before Redirecting

  • Please log in to reply
1 reply to this topic

#1 JeremyH


    HR 5

  • Active Members
  • PipPipPipPipPip
  • 367 posts
  • Location:San Diego

Posted 06 August 2012 - 04:56 PM

In my root directory I have an .htaccess file that redirects non-www traffic to www traffic:


RewriteEngine On
RewriteBase /

RewriteCond %{HTTP_HOST} !^(www\.example\.com)?$ [NC]
RewriteRule (.*) http://www\.example\.com/$1 [R=301,L]

I am trying to password protect my /admin/ folder and have created its own .htaccess file:


AuthUserFile /root/private/.htpasswd
AuthType Basic
AuthName "Admin"
Require valid-user

The problem is if I go to "example.com/admin/" I get prompted for my password, then redirected to www.example.com/admin/ where it prompts me for my password a second time.

I'd like to do two things:
1 - Make it so if I go to "example.com/admin/" it first redirects me to "www.example.com/admin/" and then prompt me for my password.
2 - Combine these two .htaccess files in one if possible and advisable.

Any help is greatly appreciated.

#2 chrishirst


    A not so moderate moderator.

  • Moderator
  • 7,718 posts
  • Location:Blackpool UK

Posted 09 August 2012 - 08:51 AM

A .htaccess redirect creates a second (internal) HTTP request to the server so .htaccess is read twice in this case, also .htaccess affects ALL the subfolders of the folder it is placed in. Therefore a "root" .htaccess applies to the entire physical structure.

A: Add a negative rewrite condition to exclude the admin folder and subfolders from the redirect

RewriteEngine on
RewriteCond %{REQUEST_URI}!^/admin/
# ^^^^ says "If the requested URI does NOT start with /admin/ redirect it.
RewriteRule (.*) http://www.site.tld/$1 [R=301,L]

B: Put the authorisation in the root .htaccess file

AuthType Basic
AuthName "WhatEver"
AuthUserFile /home/user/siteroot/admin/.htpasswd
# ^^^^^^^^^^^^^^ this needs to be the PHYSICAL path to the folder
require valid-user

You can find the physical path with phpinfo() and locate the "DOCUMENT_ROOT" value

By the way you don't need both of those. A or B should do what you need.

Edited by chrishirst, 09 August 2012 - 08:49 AM.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

We are now a read-only forum.
No new posts or registrations allowed.