5

I'm testing out Amazon Cloudfront in our dev environment, which is protected by .htaccess/.htpasswd. The password protection on the dev server is causing all of the cloudfront.net assets to be password protected as well. And no username/password combination works.

What I need to do is allow cloudfront to access the dev server by poking some holes in the .htaccess protection.

I can get a list of IP addresses here but since they are subject to change, I was wondering if anyone knew of a better way.

I cannot remove the password protection unfortunately.

Scott Joudry
  • 883
  • 10
  • 25

1 Answers1

3

Here's what I've been using:

SetEnvIf User-Agent ^Amazon Cloudfront$ cdn
SetEnvIf Host ^static.dev.website.com$ cdn # This could also be a cloudfront.net host

AuthType Basic
AuthName "Dev Site"
AuthUserFile /directory/location/.htpasswd
Require valid-user

Order Deny,Allow
Deny from all
Allow from env=cdn
Satisfy Any

Essentially, you need you exclude CloudFront-related requests, which the first two lines handle, in conjunction with the Allow from env=cdn line.

Melissa Avery-Weir
  • 1,357
  • 2
  • 16
  • 47