.htaccess/.htpasswd failing to protect .html files only - works on all other files

Question

I'm trying to set up basic .htaccess/.htpasswd protection on a site as I've done a million times before. My .htaccess file looks like this:

AuthType Basic
AuthName "My Protected Area"
AuthUserFile /home/runcloud/webapps/dev/.htpasswd
Require valid-user

For some reason, this is working fine on all files/subfolders except .html files. If you go direct to the protecteddomain.com/index.html it will bypass the .htpasswd protection.

Can anyone shed any light on this for me? This is on an Ubuntu 18.04/Apache server controlled through a Runcloud.io control panel. Not sure if a config issue on the server on my part, a runcloud bug or a bug in 18.04/Apache. Confused!

score 0 · Answer 1 · answered Jul 31 '18 at 19:41

Ok - so I have discovered that this problem goes away when browsing from another network. So there must be some kind of IP related at issue at play here. I'm still not entirely sure what the underlying issue is but hope this might save someone else a headache.

.htaccess/.htpasswd failing to protect .html files only - works on all other files

1 Answers1