1

I got a domain with a website that can be reached by two urls, mydomain.com/pathA and mydomain.com/pathB.

But they are actually the same directory on the server. It contains a MediaWiki installation, which is quite large and contains image files that should be shared. But since I don't want to present it as a wiki per se, I want to be able to setup different hooks, add-ins, rights, skins, etc. So now I created a symbolic link from pathA to pathB and added this .htaccess in the doc root:

Options -Indexes

RewriteEngine On

RewriteCond %{REQUEST_URI} ^/pathA
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /pathA/index.php?title=$1 [L,QSA]

RewriteCond %{REQUEST_URI} ^/pathB
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /pathB/index.php?title=$1 [L,QSA]

Now I want pathB to be protected using Apache authentication. Can I do that in this one .htaccess file? I cannot edit httpd.conf.

If this can be done without the symlink it is fine with me, as long as I can keep the single installation folder.

GolezTrol
  • 119
  • 6
  • Do you use cpanel to administrate this domain ? – Pedro Lobito Aug 20 '11 at 22:31
  • No, I got SSH access and SCP for uploading files. I think I can do quite a lot on this server, but I don't want to mess with apache configuration, because other websites run on it too. – GolezTrol Aug 21 '11 at 08:23

1 Answers1

0

I got reminded of this question due to a downvote. I'd rather had seen it was an upvote, or at least being accompanied by a constructive comment, but that's okay. ;-)

Anyway, I think I found the answer (or at least an alternative solution) in the mean time. This is the configuration I'm using now, and it's working fine. Instead of different url paths, I use different subdomains. Doing so also removes the requirement for the symbolic links (although they probably weren't required anyway).

I commented it with what I think is happening. It took me quite some experimenting and messing around, and it's still a bit of magic to me. Anyway, I hope it's useful:

# Create an environment variable if the url matches the/a password protected subdomain.
SetEnvIf Host alternative.example.com passreq
SetEnvIf Host alternative.www.example.com passreq

# Initialize the authentication type.
AuthType Basic
AuthName "Reveil yourself"
AuthUserFile /srv/path/to/.htpasswd
Require valid-user

# By default allow access, only deny when the environment variable 
# is set, to trigger basic authentication in that case.
Order allow,deny
Allow from all
Deny from env=passreq
Allow from 127.0.0.1
Satisfy any

The rest of my .htaccess is simple in this regard. It doesn't differentiate between the various subdomains. I also didn't use the symbolic links anymore. Now I just use above configuration to add authentication to a specific subdomain, and after that the request -any request- is just directed through the same index.php, which verifies the url and load the appropriate configuration.

The end result works nicely: I've got one MediaWiki setup that can be accessed through two different urls. The normal url is completely read-only and lacks all the editing tools, while a special 'admin' version allows the team to edit the content.

GolezTrol
  • 119
  • 6