On 7/21/25 7:06 PM, EML wrote:
I have a problem where authorisation behaves differently when a rewrite rule is moved from the main configuration to an .htaccess file. Any advice appreciated.

The site looks like this:

$ tree /var/www5
/var/www5
|-- dir1
|   |-- test1.html
|-- dir2
|   |-- test2.html
|-- index.html
|-- passwords

I want the site to default to requiring a login, except that dir1/test1.html should be readable by anybody. There's a complication, which is that a rewrite rule sets the home page to dir1/test1.html, rather than index.html. So the expected HTTP status codes are:

http://localhost/                 200 (because of the rewrite)
http://localhost/index.html       401
http://localhost/dir1/test1.html  200
http://localhost/dir2/test2.html  401

This configuration works exactly as expected:

<VirtualHost *:80>
   DocumentRoot /var/www5

   <Location />
     AuthType Basic
     AuthName Test
     AuthBasicProvider file
     AuthUserFile "/var/www5/passwords"
     Require  valid-user
   </Location>

   <Directory /var/www5/dir1>
     <If true>
       Require all granted
     </If>
   </Directory>

   RewriteEngine On
   RewriteRule ^(/)?$ /dir1/test1.html [L]
</VirtualHost>

Ok, here's the problem: I actually need to move the rewrite out to an .htaccess file, so I've moved the RewriteEngine and RewriteRule lines out to /var/www5/.htaccess. The new configuration file looks like:

<VirtualHost *:80>
   DocumentRoot /var/www5

   <Location />
     AuthType Basic
     AuthName Test
     AuthBasicProvider file
     AuthUserFile "/var/www5/passwords"
     Require  valid-user
   </Location>

   <Directory /var/www5>
     AllowOverride All
   </Directory>

   <Directory /var/www5/dir1>
     <If true>
       Require all granted
     </If>
   </Directory>
</VirtualHost>

This *doesn't* work. What I get now is:

http://localhost/                 401
http://localhost/index.html       401
http://localhost/dir1/test1.html  200
http://localhost/dir2/test2.html  401

I now have to log in to visit http://localhost/. The rewrite does work; if I log in, I get the dir1/test1.html page.

Thanks.


--
.htaccess is evaluated after virtualhost, so before you reach the directory, the basic auth kicks in.

Perhaps at virtualhost you should keep some kind of default redirect towards directories where you use .htaccess.

Or have a more specific path to set basic authentication in, since, if I understand correctly, you do not want to have to auth in /; you want to be redirected.

-Daniel
Find help at #httpd in Libera.chat
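
A check for the status table in the original post, as an added example that is not part of the thread: it requests each URL without credentials and reports every path whose status differs from the expected one, separating a protected path that became readable from a public path that now demands a login. The base URL default and the names `audit` and `fetch_status` are assumptions of this example.

```python
import sys
import urllib.error
import urllib.request

# Expected status codes for anonymous requests, from the table in the post.
EXPECTED = {
    "/": 200,
    "/index.html": 401,
    "/dir1/test1.html": 200,
    "/dir2/test2.html": 401,
}

class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Report 3xx as-is: an internal rewrite never redirects the client."""
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None

# Empty ProxyHandler: talk to the server directly, ignoring proxy settings.
_opener = urllib.request.build_opener(_NoRedirect, urllib.request.ProxyHandler({}))

def fetch_status(base, path, timeout=5):
    """Status code of a GET sent without an Authorization header."""
    try:
        with _opener.open(base + path, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code

def audit(base, expected=EXPECTED):
    """Return (path, expected, observed, kind) for every mismatch."""
    findings = []
    for path, want in expected.items():
        got = fetch_status(base, path)
        if got == want:
            continue
        if want == 401 and got == 200:
            kind = "EXPOSED"   # protected content readable by anybody
        elif want == 200 and got == 401:
            kind = "LOCKED"    # public content now behind the login
        else:
            kind = "OTHER"
        findings.append((path, want, got, kind))
    return findings

if __name__ == "__main__":
    base = sys.argv[1] if len(sys.argv) > 1 else "http://localhost"
    results = audit(base)
    for path, want, got, kind in results:
        print(f"{kind:8} {path:20} expected {want}, got {got}")
    sys.exit(1 if results else 0)
```

Run it after each change to the virtual host or .htaccess; a non-zero exit status means at least one path no longer matches the table.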

