How to exclude a specific URL from basic authentication in Apache?

Posted by ripper234 on Server Fault See other posts from Server Fault or by ripper234
Published on 2012-03-21T11:23:56Z Indexed on 2012/03/21 11:31 UTC
Read the original article Hit count: 364

Filed under:

httpd

|

mod-proxy

Two scenarios:

Directory

I want my entire server to be password-protected, so I included this directory config in my sites-enabled/000-default:

<Directory />
  Options FollowSymLinks
  AllowOverride None
  AuthType Basic
  AuthName "Restricted Files"
  AuthUserFile /etc/apache2/passwords
  Require user someuser
</Directory>

The question is how can I exclude a specific URL from this?

Proxy

I found that the above password protection doesn't apply to mod_proxy, so I added this to my proxy.conf:

<Proxy *>
  Order deny,allow
  Allow from all

  AuthType Basic
  AuthName "Restricted Files"
  AuthUserFile /etc/apache2/passwords
  Require user someuser
</Proxy>

How do I exclude a specific proxied URL from the password protection? I tried adding a new segment:

<Proxy http://myspecific.url/>
  AuthType None
</Proxy>

but that didn't quite do the trick.

© Server Fault or respective owner

Related posts about httpd

Web site not responding

as seen on Super User - Search for 'Super User'
I have website working fine before. But now its not able to connect to the server(I believe that is the problem). But its strange that the message not able to connect to the server is not coming and its keep connecting... for infinite time. Here is the screenshot. Here are some of the useful… >>> More
Httpd + Expect Script Fail (no more ptys) if httpd is not run through cli

as seen on Server Fault - Search for 'Server Fault'
I have a CentOS virtual server through Vmware. The server runs an httpd daemon which serves an php page with a form. The users complete the form, and by clicking submit the php page calls an expect scripts. If i run the httpd throught the default init.d script i get a "no more ptys" error, but if… >>> More
Difference between httpd and httpd-devel package on CentOS 5

as seen on Server Fault - Search for 'Server Fault'
I'm trying to update PHP 5.1 to 5.3 on CentOS 5.10. On the server, httpd-devel is installed but trying to install php53 on CentOS 5, it wants to install httpd. This is a production server so I need to know if it's safe to install httpd when httpd-devel is already installed. The php package (5.1.6)… >>> More
Redirect particular hostname from https to httpd in httpd/apache2

as seen on Server Fault - Search for 'Server Fault'
I have a webserver that has an ssl certificate applied to a subdomain https://shop.mydomain.com. I also have the hostname http://mydomain.com that has no ssl certificate. When invoking https://mydomain.com, browsers issue a warning that a certificate could not be verified because the webserver is… >>> More
Optimizing apache server load

as seen on Server Fault - Search for 'Server Fault'
We have an issue with a dedicated server load. We have 16 processors with 4 core @ 2.40GHz, if I understood correctly cat /proc/cpuinfo output. Unfortunately, I don't have access to free -m or vmstat. But from top I got that we have 24 GB. And snapshot from top about processes: As far as I see… >>> More

Related posts about mod-proxy

How can I enable logging for requests going through mod proxy

as seen on Server Fault - Search for 'Server Fault'
Is there a way to log requests going through mod proxy? I need a way to debug my configuration, because I don't seem to be getting where I should be. I need the following information: headers of incoming requests what is being sent to the proxy target Maybe a related question: is there a way to… >>> More
Using modproxy to get around China's Great Firewall

as seen on Pro Webmasters - Search for 'Pro Webmasters'
I'm using WIX service and I like it very much. However, one big problem is that some of my colleagues are in China but their IP is blocked. I'm wondering if modproxy can help me. I would like to setup a clean server (not blocked by the stupid Chinese government). Pointed the DNS cname to it… >>> More
Apache internal test servers

as seen on Server Fault - Search for 'Server Fault'
I want to build a test system in the office. On one box I will install XAMPP. I will put a website that I want to test on that box. Now I do not want it connected to the Internet. So my plan is to use a reverse proxy to resolve things like ads and other external links. So I am thinking of using mod_proxy… >>> More
502: proxy: pass request body failed

as seen on Server Fault - Search for 'Server Fault'
Sometimes I get the following error (in apache's error.log) when viewing my site over https: (502)Unknown error 502: proxy: pass request body failed to xxx.xxx.xxx.xxx:443 I'm not entirely sure what this is and why it happens, it's also not consistent. The request route is: Browser Proxy server… >>> More
Apache load balancer limits with Tomcat over AJP

as seen on Server Fault - Search for 'Server Fault'
Hi All, I have Apache acting as a load balancer in front of 3 Tomcat servers. Occasionally, Apache returns 503 responses, which I would like to remove completely. All 4 servers are not under significant load in terms of CPU, memory, or disk, so I am a little unsure what is reaching it's limits or… >>> More