.htaccess file completely ignored - .htaccess

I'm trying to setup HTTP authentication to protect my site. The site is hosted with Azure.
AuthType Basic
AuthName "Protected Area"
AuthUserFile D:\\home\\site\\wwwroot/.htpasswd
Require valid-user
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
This is being completely ignored. To test further I deleted my .htaccess altogether and my site still works fine. It is being completely ignored.

Please see the following link: Mod_rewrite in Azure
.htaccess is not read by Azure websites. You must create your rules in your web.config file
If you want to use an .htaccess file you would need to stand up a Linux VM with apache and go that route.
Hope this helps!

Related

.htaccess insert a string inside the URL

I have no experience whatsoever with .htaccess and I've been reading for awhile now but to no success. My site is using wordpress and I need to edit the .htaccess file to insert a string inside my url just like this.
mysite.com/?a=c&b=2 to this mysite.com/mobile?a=c&b=2
So if I enter the first URL it'll proceed to the next one. Also, since my site is using wordpress, I have no idea where to insert the codes.
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
<FilesMatch "wp-login.php">
AuthName "WordPress Admin"
AuthType Basic
AuthUserFile /usr/www/users/ineedjkfup/./wp-admin/.htpasswd
require valid-user
</FilesMatch>
help me Gurus. Please. :D :D

Excluding single directory under protected Wordpress site from htpasswd protection

Despite a good deal of searching here I haven't been able to find the solution to this problem.
I have an .htaccess file that is protecting a Wordpress site that I am developing. I would like to protect the entire site except for the directory /images/, but I can't work out how to do this. At the moment my .htaccess file, in the root of the site, looks like this:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
# basic password protection
<IfModule mod_authn_file.c>
AuthUserFile /home/*****/.htpasswd
AuthName "Username and password required"
AuthType Basic
<Limit GET POST>
Require valid-user
</Limit>
</IfModule>
Could someone help me to amend this to allow open access to the /images/ directory?
Thanks,
Nick
You can create a new .htaccess-file in the /images/-directory:
Order Deny,Allow
Allow from all
Satisfy any
This should remove the password protection for this folder.

URL rewrite and htauth confliction with .htaccess

I have an htaccess file as follows:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule . - [L]
RewriteRule ^$ app/ [L]
RewriteRule (.+) app/$1 [L]
</IfModule>
Now, this is located in my web root, and I wanted to also password protect this and all sub-directories, so I added the following lines:
AuthName "phpMyAdmin Restricted Area."
AuthType Basic
AuthUserFile /usr/local/apache/.htpasswd
Require valid-user
This promted me and I was able to 'log in'. However, now my server is 500'ing on me, and I am not sure why. I can remove the auth lines, and this fixes the problem. Why is this happening, and what can I do?
conflictions with another .htaccess file in the root dir.

htaccess redirect taking precedence over htaccess basic authentication

I have the following htaccess which redirects front controller commands to a given file....
RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([^/]*)$ /index.php?a=$1 [L]
Which sits in the root of the domain and works well, however i have a password protected directory at /admin/help/ which contains the following htaccess...
AuthType Basic
AuthName "Your CMS"
AuthUserFile "/path/to/.htpasswd"
require valid-user
The problem is that i'm unable to pull up /admin/help/ in the browser, it simply rewrites to the index.php even though /admin/help/ is a real folder on the server. If i remove the .htaccess from /admin/help/ the folder displays as expected in the browser so i presume i'm missing something from this 2nd .htaccess file however i can't figure out what it is, so any suggestions would be much appreciated?
Thanks

.htaccess is interfering with nested .htaccess/.htpasswd?

I'm using Simple Mailing List (http://www.notonebit.com/projects/mailing-list). It's good mailing list, but no admin area. So you have to use .htaccess/.htpasswd to protect the /mail/admin folder.
However, my site has WordPress installed in the website's root folder. WordPress creates .htaccess for custom permalinks. And for some reason, this interferes with the .htaccess of my /mail/admin/.
When I delete the WordPress .htaccess file, my password protection works properly on /mail/admin. However, when the WordPress .htaccess is present and I load /mail/admin in browser, I'm never asked for a password and I see a WordPress 404 page that says "page not found..."
Here are my files... WordPress .htaccess (located in root folder):
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
Mailing List .htaccess (located in /mail/admin):
AuthName "Restricted Area"
AuthType Basic
AuthUserFile /home/myUsername/public_html/mySndSite/mail/admin/.htpasswd
require valid-user
Any idea as to what is causing the conflict, and how I can resolve it? Been working at it for hours. Your help is much appreciated.
Thank You
EDIT: found a solution!
Found a solution on a Joomla blog. I don't know how, but this works... LOL :)
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (/|\.htm|\.php|\.html|#.*|\?.*|/[^.]*)$ [NC]
RewriteRule ^(.*) /index.php [L]
</IfModule>
You could try explicitly setting a conditional that the request URI not match the url for the mail script. That should prevent the rewrite from kicking in when you view the mail admin page.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} !mail
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
I think there must be something else going on here that we can't see. That Wordpress .htaccess code already prevents rewriting URLs when what you are trying to access is a file or a directory that exists on the server, which should be true in this case.
Are there any other .htaccess files involved anywhere, or any plugins installed in Wordpress that involve rewrites? Also, does /mail/admin/ work when you remove your .htaccess file that requires a password?
You could try, say, creating blank text files inside the /mail/admin/ directory and in a completely new folder in the root directory, and see if you can access those without any problems - might narrow down where the problem is.

Resources