davidannis Posted May 3, 2014 Share Posted May 3, 2014 I generally follow the pattern of having three versions as I develop a new site. ddd.mydomain.com for active development, ttt.mydomain.com for testing, and www.mydomain.com for a live site. I protect the test site with htaccess. However, when I want to test Paypal IPN integration, I hit a snag because Paypal doesn't understand protected directories, so to test integration I need to either temporarily remove the .htaccess file or send the IPN notification to a different domain on the same server. I don't really like either of these solutions. Is there a way to let Paypal traffic only into an htaccess protected directory? Can I use htaccess for all directories but exempt a single program (my IPN listener)? Does anybody have a better approach? Link to comment https://forums.phpfreaks.com/topic/288220-password-protecting-test-environment/ Share on other sites More sharing options...
requinix Posted May 3, 2014 Share Posted May 3, 2014 PayPal has a specific set of hostnames it calls from. You can lift the restriction for the right one(s). Link to comment https://forums.phpfreaks.com/topic/288220-password-protecting-test-environment/#findComment-1478107 Share on other sites More sharing options...
davidannis Posted May 4, 2014 Author Share Posted May 4, 2014 Sorry to be dense but I still can't get it to work quite the way I want it to. I want anyone to encounter the Auth rule (require a username/password) except paypal. When I try to explicitly allow domains without Auth I can do so, but when I add the Auth those domains are not exempted. Here's the relevant part of my .htaccess file. AuthName "Test Site" AuthUserFile "/home/ezvaluat/.htpasswds/public_html/testezvalpro/passwd" require valid-user <Limit GET> order deny,allow deny from all allow from .paypal.com allow from .lightspeed.lnngmi.sbcglobal.net </Limit> This just denies me from comcast (or any other random domain) and prompts me for a password from .lightspeed.lnngmi.sbcglobal.net. I want it to prompt me for a password from comcast (or any other random domain) but to let me in from .lightspeed.lnngmi.sbcglobal.net or paypal with no password prompt. Also, I managed to put this in the wrong section. It has nothing to do with php configuration. I'd appreciate it if an admin would kindly move it to a more appropriate place. Link to comment https://forums.phpfreaks.com/topic/288220-password-protecting-test-environment/#findComment-1478182 Share on other sites More sharing options...
davidannis Posted May 4, 2014 Author Share Posted May 4, 2014 I think I have it fixed. AuthType Basic AuthName "Test Site" AuthUserFile "/home/ezvaluat/.htpasswds/public_html/testezvalpro/passwd" require valid-user order deny,allow deny from all allow from .paypal.com allow from .lightspeed.lnngmi.sbcglobal.net Satisfy Any Allows me in from sbcglobal but prompts me for a password if I delete the line allow from .lightspeed.lnngmi.sbcglobal.net Link to comment https://forums.phpfreaks.com/topic/288220-password-protecting-test-environment/#findComment-1478184 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.