How to use basic auth for single file in otherwise forbidden Apache directory?
Posted
by mit
on Server Fault
See other posts from Server Fault
or by mit
Published on 2010-06-14T22:41:56Z
Indexed on
2010/06/14
22:43 UTC
Read the original article
Hit count: 284
I want to allow access to a single file in a directory that is otherwise forbidden.
This did not work:
<VirtualHost 10.10.10.10:80>
ServerName example.com
DocumentRoot /var/www/html
<Directory /var/www/html>
Options FollowSymLinks
AllowOverride None
order allow,deny
allow from all
</Directory>
# disallow the admin directory:
<Directory /var/www/html/admin>
order allow,deny
deny from all
</Directory>
# but allow this single file::
<Files /var/www/html/admin/allowed.php>
AuthType basic
AuthName "private area"
AuthUserFile /home/webroot/.htusers
Require user admin1
</Files>
...
</VirtualHost>
When I visit http://example.com/admin/allowed.php I get the Forbidden message of the http://example.com/admin/ directory. How can I make an exception for allowed.php?
If not possible, maybe I could enumerate all forbidden files in another Files directive?
Let's say admin/ contains also user.php and admin.php which should be forbidden in this virtual host.
© Server Fault or respective owner