发表新帖
发表新帖

.htaccess. deny root, allow specific subfolder. Possible?

前端 未结
关注
4 1996
失恋的感觉
失恋的感觉 2020-12-14 08:51

How can I deny access to http://sub.mydomain.com/, but allow for (completely) http://sub.mydomain.com/test (or http://sub.mydomain.com/test/)

There is a magento back

相关标签:
4条回答
  • 生来不讨喜
    2020-12-14 09:22

    I know this is a very old thread, but I've been struceling with exactly this scenario for several days and finally got it to work, thus I thought I'd share my solution for further reference.

    As of Apache version 2.4 (I guess), it's possible to use directive <RequireAll> and <RequireAny>. This can be used to allow access to specific subfolders.

    My solution for .htaccess (inspired from this site: https://www.the-art-of-web.com/system/apache-authorization/):

    SetEnvIf REQUEST_URI "^/test/.*" PUBLICACCESS
# Use for multiple subfolders:
# SetEnvIf REQUEST_URI "^/(?:test|test2|test3|test4)/.*" PUBLICACCESS
<RequireAny>
    <RequireAll>
        # Public access
        Require env PUBLICACCESS
        Require all granted
    </RequireAll>
    <RequireAll>
        # Require user and password
        AuthType Basic
        AuthName "Secured"
        AuthUserFile /var/www/example.com/.htpasswd
        Require valid-user
    </RequireAll>
</RequireAny>
    0 讨论(0)
  • 执笔经年
    2020-12-14 09:29

    .htaccess directives apply to that directory, and all subdirectories thereof, so you should disallow access in your DocumentRoot,

    http://sub.mydomain.com/.htaccess:

    Order deny,allow
Deny from all

    And override that in any specific subdirectories you would like to allow access to,

    http://sub.mydomain.com/test/.htaccess:

    Order allow,deny
Allow from all
    0 讨论(0)
  • 陌清茗
    2020-12-14 09:40

    Try create .htaccess file in sub.mydomain.com for deny, and in sub.mydomain.com/test for allow.

    Or you can redirect from http://sub.mydomain.com/ to deny subdir.

    0 讨论(0)
  • 广开言路
    2020-12-14 09:42

    How about a .htaccess at the root directory, with the following lines?

    RewriteEngine On
# check if request is for subdomain
RewriteCond %{HTTP_HOST} ^sub.mydomain.com$ [NC]
# check if  'test' isnt part of request
RewriteCond %{REQUEST_URI} !^/test/?(.*)$ [NC]
# if subdomain and no 'test' part, redirect to main domain...
RewriteRule ^(.*)$ http://www.mydomain.com/$1 [R,L]

    So if the '/test/' section is present, no redirect takes place...

    0 讨论(0)
 看不清?
提交回复
热议问题