How can I exclude a file in a folder from basic auth (regex help)?
Posted
by simon180
on Server Fault
See other posts from Server Fault
or by simon180
Published on 2010-06-13T13:24:31Z
Indexed on
2010/06/13
13:33 UTC
Read the original article
Hit count: 172
Hi
I have a folder on my site which contains admin files and I've added basic auth following a little unwanted attention. This works fine however a couple of the admin functions won't work through basic auth as they handle file uploads and so I want to exclude these files from the auth. It shouldn't have any security implications as any rogue user wouldn't be able to access the pages that could create a session to use these functions.
I am using the following basic code to exclude a file:
<FilesMatch "(index.php\/myadminfolder\/myurl\/myaction/someotherstuff?)$">
Satisfy Any
Order allow,deny
Allow from all
Deny from none
</FilesMatch>
The URL exclusion is not working.
The URL to exclude is in the form:
index.php/directory/subdirectory/action/uniqueid/blah
What is the correct URL string to add to FilesMatch to exclude any files that start with the pattern of index.php/directory/subdirectory/action - regardless of what comes after action?
Thanks
Simon
© Server Fault or respective owner