Menu
Hi i need to protect my app during the testing phase.
I read this post about excluding one url from Basic Auth
But i'd like to exclude 2 urls :
/api/*
/oauth/v2/token
So the entire app will be protected except for those two urls, that will be public. Otherwise i can't access my api routes.
My .htaccess for now is :
# Protect the app with password
AuthUserFile /home/master/public_html/web/.htpasswd
AuthName "Protected"
AuthType Basic
Require valid-user
So i'm guessing i should need some sort or regex in :
SetEnvIf Request_URI ^/api/ noauth=1
How can i have like a OR condition?
510
Apache 2.4 Auth/Access control has changed since 2.2. Here is the new syntax:
AuthType Basic
AuthUserFile /home/master/public_html/web/.htpasswd
AuthName "Protected"
SetEnvIf Request_URI ^/(api/|oauth/V2/token) noauth=1
<RequireAny>
Require env noauth
Require env REDIRECT_noauth
Require valid-user
</RequireAny>
Try :
SetEnvIf Request_URI ^/(api/|oauth/V2/token) noauth=1
You can exclude multiple URIs. Just seperate them using the pipe symbol |.
32
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
