I'm trying to setup my .htaccess file to enable basic authentication on our development website.
I want the authentication to work on all my site but for certain URL. We are using friendly URL on our site..
I would also like to bypass authentication for certain file types like png, css, etc...
What I have so far looks like this :
SetEnvIfNoCase Request_URI ^/upload/ NO_AUTH
AuthName "Restricted Area"
AuthType Basic
AuthUserFile /path/to/.htpasswd
Require valid-user
Satisfy any
Order deny,allow
Deny from all
Allow from env=NO_AUTH
<FilesMatch "\.(gif|jpe?g|png|css|js|swf)$">
Satisfy Any
</FilesMatch>
The authentication is working fine, but the SetEnvIfNoCase
does not seem to work because I'm still asked for authentication when going to the friendly URL '/upload/'.
The FilesMatch
part does not seem to work either ..
Anyone can help me with that ?
Thanks !