Getting "authentication" on request / instead of / index.php

Question

Getting "authentication" on request / instead of / index.php

On my server, I have the following .htaccess file:

DirectoryIndex index.php AuthType Basic AuthName "Password Required" AuthUserFile /var/www/webinterface/.htpasswd Options +FollowSymLinks Require valid-user <Files index.php> Satisfy any Allow from * </Files>

If I request the URL "IP-ADDRESS / index.php", everything works fine, I get index.php without an authentication prompt. However, as soon as I ask for "IP-ADDRESS /", the browser asks me for my credentials.

Why is this so? What am I missing?

+6

apache .htaccess

ftiaronsem Jan 4 '12 at 17:21

source share

1 answer

Jon lin · Accepted Answer · 2012-01-04T18:56:32+0000

Try replacing the block with mod_setenvif to check the request URI instead of using <Files> . Mod_auth * modules take precedence over mod_dir, therefore mapping from / to /index.php does not occur earlier than after auth completes. Mod_setenvif will happen before authorization. Try:

 SetEnvIf Request_URI "^/$" allow=yes SetEnvIf Request_URI "^/index.php$" allow=yes AuthType Basic AuthName "Password Required" AuthUserFile /var/www/webinterface/.htpasswd Options +FollowSymLinks Order Deny,Allow Satisfy any Deny from All Require valid-user Allow from env=allow

If the requested URI is / or /index.php , then the allow variable is set. The material after the Auth lines says that it forbids everything except the actual user, or if the allow variable was set.

Getting "authentication" on request / instead of / index.php

More articles: