问题
I have added htpasswd protection using htaccess file for authentication, now I want to bypass authenitcation for www.website.com and www.website.com/index.php where both urls are accessing index.php file. By using below htaccess file I have allowed index.php and I'm able to bypass www.website.com/index.php url but not www.website.com
My htaccess file is:
# set an environtment variable "noauth" if the request starts with "/callbacks/"
SetEnvIf Request_URI ^/index.php noauth=1
AuthType Basic
AuthName "RESTRICTED"
#AuthName "Restricted Area"
AuthUserFile "/path/to/.htpasswd"
require valid-user
Options -Indexes
Options +FollowSymlinks
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([^.]+)$ /file.php?show=all&name=$1 [L]
# Here is where we allow/deny
Order Deny,Allow
Satisfy any
Deny from all
Require valid-user
Allow from env=noauth
回答1:
I believe the 2nd parameter just uses regular regex. Maybe you can just make index.php optional.
SetEnvIf Request_URI "^/(index\.php)?$" noauth=1
Have not tested.
来源:https://stackoverflow.com/questions/29279039/bypass-htpasswd-authentication-for-url-with-index-php-and-without-it