rupertrealbear Posted August 28, 2008 Share Posted August 28, 2008 Hi I set up some directives to require a password on a particular folder off my document root /public-html/hq in an .htaccess in that folder:- AuthName "Restricted Area" AuthType Basic AuthUserFile /home/charlie/.htpasswd AuthGroupFile /dev/null require valid-user . . . which worked ok with a .htpasswd in my server account root. I also needed to force ALL requests to my site to be changed on htpps:// requests, for which I had successfully added these directives to a .htaccess in my /public-html folder:- . . . RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} When both these directives are in effect, I find that requests to a script in /public-html/hq generally gets redirected to a non-existent error document /401.shtml and the visitor is left with a "File not Found". I moved the 'force SSL' directives into the .htaccess in /public-html/hq:- RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} AuthName "Restricted Area" AuthType Basic AuthUserFile /home/charlie/.htpasswd AuthGroupFile /dev/null require valid-user . . . which gets me in but asks or the password TWICE (before and after changnig the request into a https:// one). I suppose I could bare subjecting the user to having to enter their password again - but isn't there some subtle workaround ? Any suggestions much appreciated Rupertrealbear Link to comment https://forums.phpfreaks.com/topic/121667-how-to-global-force-ssl-require-password-in-particular-folder/ Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.