Htaccess - Require Auth For Everywhere Except Whitelist
I have a site that is currently set to require basic authentication for everything. However this prevents the Lets encrypt automated process from working, so I needed to allow a specific route.
Below is a configuration example that requires authentication for the entire site, except for anything underneath the public
folder.
AuthName "Protected Directory"
AuthUserFile "/var/www/htpasswd"
AuthType Basic
RewriteEngine On
SetEnvIf REQUEST_URI "(/public)$" ALLOW
<RequireAny>
Require env ALLOW
Require valid-user
</RequireAny>
References
Last updated: 5th June 2024
First published: 22nd January 2019
First published: 22nd January 2019