Jump to content

Recommended Posts

I generally follow the pattern of having three versions as I develop a new site. ddd.mydomain.com for active development, ttt.mydomain.com for testing, and www.mydomain.com for a live site. I protect the test site with htaccess. However, when I want to test Paypal IPN integration, I hit a snag because Paypal doesn't understand protected directories, so to test integration I need to either temporarily remove the .htaccess file or send the IPN notification to a different domain on the same server. I don't really like either of these solutions. Is there a way to let Paypal traffic only into an htaccess protected directory? Can I use htaccess for all directories but exempt a single program (my IPN listener)? Does anybody have a better approach?

Link to comment
https://forums.phpfreaks.com/topic/288220-password-protecting-test-environment/
Share on other sites

Sorry to be dense but I still can't get it to work quite the way I want it to. I want anyone to encounter the Auth rule (require a username/password) except paypal. When I try to explicitly allow domains without Auth I can do so, but when I add the Auth those domains are not exempted. Here's the relevant part of my .htaccess file.

AuthName "Test Site"
AuthUserFile "/home/ezvaluat/.htpasswds/public_html/testezvalpro/passwd"
require valid-user

<Limit GET>
order deny,allow
deny from all
allow from .paypal.com
allow from .lightspeed.lnngmi.sbcglobal.net
</Limit>

This just denies me from comcast (or any other random domain) and prompts me for a password from .lightspeed.lnngmi.sbcglobal.net. I want it to prompt me for a password from comcast (or any other random domain) but to let me in from .lightspeed.lnngmi.sbcglobal.net or paypal with no password prompt.

 

Also, I managed to put this in the wrong section. It has nothing to do with php configuration. I'd appreciate it if an admin would kindly move it to a more appropriate place.

I think I have it fixed.

AuthType Basic
AuthName "Test Site"
AuthUserFile "/home/ezvaluat/.htpasswds/public_html/testezvalpro/passwd"
require valid-user

order deny,allow
deny from all
allow from .paypal.com
allow from .lightspeed.lnngmi.sbcglobal.net
Satisfy Any

Allows me in from sbcglobal but prompts me for a password if I delete the line

allow from .lightspeed.lnngmi.sbcglobal.net

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.