0

I have a wordpress install at the root of my home folder, and I have a subfolder that I am trying to protect with an .htaccess based login. In the root there is an .htaccess with these rules:

# BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> # END WordPress

Then in my subfolder I have this .htaccess

<IfModule mod_rewrite.c> RewriteEngine off </IfModule> AuthName "MySQLDumper" AuthType Basic AuthUserFile "/home/freegame/public_html/msdump/.htpasswd" require valid-user

With the Wordpress rules active, access the subfolder causes a 404 error. When I delete the wordpress rules, it works fine. Any ideas on what I've done wrong?

Improve this question

1 Answer 1

Reset to default
0

Your method will work only for files. For protecting directory you have to perform an additional step. Modify the htaccess file in the your site’s root directory and add the following above the #Begin WordPress comment.

<IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{REQUEST_URI} ^/(failed_auth\.html).*$ [NC] RewriteRule . - [L] </IfModule>

This will stop WordPress from giving a 404 error code when you try to access your password protected directory. Instead it will give a 403 (authorization required) and prompt you for a valid username/password instead to access it.

Source: Dreamhost

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.