Hi
I set up a .htpasswd file in the root of my account on a VPS and put a .htaccess in a sub folder /public-html/hq containing a directives to password protect this folder:-AuthName "Restricted Area"
AuthType Basic
AuthUserFile /home/charlie/.htpasswd
AuthGroupFile /dev/null
require valid-user
. . .
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
When in a page in the sub folder /public-html/hq, [which happens to post to itself] I do get the password popup - and also if I revisit a cached call to a https:// URL in that folder.
The situation was un-liveable, though I have moved the 'force SSL' directives into the .htacess in /public-html/hq:-RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
AuthName "Restricted Area"
AuthType Basic
AuthUserFile /home/charlie/.htpasswd
AuthGroupFile /dev/null
require valid-user
I suppose I could bare having to subject the user to this.
I just wondered if there was some workaround - like having the .htpasswd only apply to https ? (or maybe some other subtle solution ?)
Suggestions would be much appreciated
Many thanks
Guy Hackney
Members
Search
Help
Register
Login
Home
redirected to /401.shmtl with .htpasswd & SSL force higher up
