1

We have our main website: www.example.com.

A partner has created a website: subdomain.theirexample.com and they have pointed it at our IP address.

We want to password protect any traffic coming through on the subdomain whilst leave the original domain open to the public. I've tried adding the below at the top of our htaccess file but we're not getting a password prompt:

SetEnvIf Host ^subdomain\.theirexample\.com$ passreq
AuthType Basic
AuthName "Password Required"
AuthUserFile /home/example/.htpasswd-theirexample
Require valid-user
Require all granted
Deny from env=passreq
Satisfy any

I also tried it simply like:

SetEnvIf Host subdomain.theirexample.com passreq
martin
  • 93,354
  • 25
  • 191
  • 226
James Wilson
  • 809
  • 3
  • 14
  • 25
  • Perhaps [this answer](http://stackoverflow.com/a/11646997/1626250) will point you in the right direction? – Mike Rockétt Feb 16 '16 at 16:38
  • Ok there are a couple of things that doesn't sound right. If they pointed that subdomain to your server IP, you also need to add it to Apache as a virtualhost or a [server alias](https://httpd.apache.org/docs/current/mod/core.html#serveralias). If this is a separate site it should also have a separate document root which is where the .htaccess file for that subdomain should be at. I don't think you provide enough info on how your subdomain is setup to properly assist. – Panama Jack Feb 16 '16 at 17:17
  • That example works fine for me. Have you verified that AUTH is allowed in .htaccess from main config? [AllowOverride](http://httpd.apache.org/docs/2.4/mod/core.html#allowoverride) – Brandon Harris Feb 16 '16 at 18:28

0 Answers0