htaccess password protect but not on localhost

问题

I have set up a dev site and want to password protect it so only validated visitors can view the site. All well and good. I am getting annoyed, on my local version, entering my username and password. So, without changing the htaccess file between my local copy and the one on the dev site, how do I password protect the site but allow myself access without having to enter my username and password?

回答1:

Something like this should do the trick..

Require valid-user
Allow from 127.0.0.1
Satisfy Any

From: http://httpd.apache.org/docs/2.0/mod/core.html#satisfy

回答2:

I've figured out a cool way to seperate Linux from Windows password files (because I develop in windows and then release to a linux production server).

I just wrote a php script with phpinfo(); on our local and prod server and found the apache module 'mod_win32' to seperate the two of them.

<IfModule mod_win32.c>
    AuthUserFile C:\xampplite\your\windows\path.passwd
</IfModule>
<IfModule !mod_win32.c>
    AuthUserFile "/your/linux/path/.passwd"
</IfModule>
AuthName "Please Login"

RewriteEngine On
AuthType Basic
Require valid-user

回答3:

Presuming that you are fine entering the password on the dev site - put the auth directives in a VirtualHost on the dev site rather than in the .htaccess file - this way your auth is processed at a server level rather than a directory level.

Also, most modern browsers will probably save your password for you :)

回答4:

Example for Windows:

AuthType Basic
AuthName "Password Protected Area"
AuthUserFile C:/Apache24/htdocs/.htpasswd
Require valid-user
Order allow,deny
Allow from localhost
Allow from 127.0.0.1
Satisfy Any

回答5:

As discussed here you could use allow from to allow access from a specific host.

回答6:

Since Apache 2.4 you can also surround your password protection by checking against the HTTP_HOST environment variable like this:

<If "%{HTTP_HOST} != 'localhost'">
    # Your password protection code
</If>

See also the answer from Mark Fox to the question about accessing the environment variables.

来源：https://stackoverflow.com/questions/4323875/htaccess-password-protect-but-not-on-localhost