douli4337 2015-05-31 13:06
浏览 45

在Wordpress中绕过注册页面的.htaccess授权

I use a .htaccess rule to add an extra layer of password security to the wordpress login page. Now as the whole wp-admin is protected. Users who wish to register, lands on the page with the username and password prompt for the authentication.

Is there anyway I can bypass this only for user registration URI?

I currently have authentication for this URL - www.example.net/wp-login.php

But I couldn't exclude the authentication prompt for this URL - www.example.net/wp-login.php?action=register

This is my .htaccess rule:

<FilesMatch "wp-login.php">
AuthName "Authorized Users only"
AuthType Basic    
AuthUserFile /home/user/.wpadmin    
require valid-user  
</FilesMatch>

Is there anyway to exclude the security authentication for the queried URL for registering in my site?

  • 写回答

1条回答 默认 最新

  • doukuo9116 2015-05-31 15:24
    关注

    Possibly (not tested) but you'll need a rewrite rule to create a specific URL for the registration page eg.

    RewriteEngine On
RewriteRule wp-register wp-login.php?action=register  [NC,L]

    Then a block to disable authentication for that URL eg:

    <Location "wp-register">
  Order Deny,Allow
  Allow from All
  Satisfy Any
  #AuthBasicFake dummyRegOnlyUserId dummyRegOnlyPass
</Location>

    If that doesn't work as is, try adding a dummyRegOnlyUserId to your password file and uncommenting the directive.

    评论

报告相同问题?

悬赏问题

  • ¥100 set_link_state
  • ¥15 虚幻5 UE美术毛发渲染
  • ¥15 CVRP 图论 物流运输优化
  • ¥15 Tableau online 嵌入ppt失败
  • ¥100 支付宝网页转账系统不识别账号
  • ¥15 基于单片机的靶位控制系统
  • ¥15 真我手机蓝牙传输进度消息被关闭了,怎么打开?(关键词-消息通知)
  • ¥15 装 pytorch 的时候出了好多问题,遇到这种情况怎么处理?
  • ¥20 IOS游览器某宝手机网页版自动立即购买JavaScript脚本
  • ¥15 手机接入宽带网线,如何释放宽带全部速度