1

I have to add a password protected zone to a site I am working on (using the .htpasswd file). The thing is the whole directory structure it's being pointed at doesn't exist and is created through mod_rewrite.

Will it still work, or does the directory actually have to physically exist on the server?

Clarification: While I may need to password protect the directory: http://sitename/category/protected/

mod_rewrite translates this to: index.php?category=category&directory=protected

So the actual directory does not exist. Is it still protectable?

Meep3D
  • 3,803
  • 4
  • 36
  • 55

2 Answers2

1

You can add the access rules to the apache config file (httpd.conf or similar) in a Directory or Location tag instead of adding it in the .htaccess file.

Anders Westrup
  • 825
  • 5
  • 6
0

Your rewrite rules will ultimately point to some files in a directory on your system (unless they redirect users to some external location). The authentication setup should be on the underlying directory that will be accessed.

a'r
  • 35,921
  • 7
  • 66
  • 67
  • The directory doesn't exist, which is the issue. mod_rewrite fakes the whole thing. – Meep3D Mar 11 '10 at 09:36
  • Your mod_rewrite redirects to your `index.php` file, so either put a `.htaccess` file next to it, or as Anders suggested put the configuration into the main apache config and either use `` to match urls or `` to match directories on the filesystem or even `` to match index.php specifically. See http://httpd.apache.org/docs/2.2/sections.html for more information. – a'r Mar 11 '10 at 12:01