0

I am working with openlitespeed and have for my php application a virtual location "/backend/" which I like to have password protected. I also using "rewrite" rules at the root context so the requests get routed to my "/index.php". I noticed when I have a root context "/" with rewrite rules the "Realm" protected context "/backend/" get ignored, regardless which order I have specified in in my virtual host. Any luck to get this working?

  1. context "Static" with URI "/" and rewriting rules
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php
  1. context "Static" with URI "/backend" with "realm" and inherited rewriting rules
  • realm get ignored
  • it works if the directory "backend" on the file system exists, but then my rewriting will not work
  1. context "LiteSpeed SAPI" with "backend" and "realm" but is not asking for the password.

I tried to switch the contexts in other order, but the effect is still the same. And yes I have restarted litespeed after the changes.

megloff
  • 1,400
  • 4
  • 27
  • 44
  • if you do `/backend` URI in context, it will do exact match for `/backend` , you probably need to make it `/backend/` in context URI – qtwrk Nov 27 '22 at 13:25
  • thank you qtwrk but "/backend/" with trailing slash did not work also. It looks to me that you can not protect a "virtual location" with a password realm in litespeed – megloff Nov 27 '22 at 18:34
  • first of all you need to make sure that context works , you can try simply enable rewrite rule `RewriteRule .* - [F,L]` within that context first , and then work on protection , also make sure the htpass file is readable by `lsadm` and `nobody`/`www-data` that runs OLS – qtwrk Nov 28 '22 at 00:23

0 Answers0