basic auth on specific set of URLs

[j-w]

Because of specific requirements I need to enable basic auth, but only on a subset of URLs. For this I want to use a location directive in the .htaccess file. Unfortunately I don't manage to enforce basic auth only on specific URL. Regardless of the URL in the location directive, basic auth will be active. As a simple test I tried adding:

<Location "/urlthatshouldneverevershowup">
  AuthType basic
  AuthName "webhook"
  AuthBasicProvider file
  AuthUserFile /myauthfile
  Require valid-user
</Location>

but an access to e.g. /helloworld will automatically prompt the user/password prompt and deny access.

I tried adding this directive at the beginning, at the end of www/.htaccess (which is pretty much he default PW .htaccess file) as well as in a www/site/.htaccess file, but with no success.
Is there something in the PW configuration that messes with my directive? Or is there something in my directive that's wrong?

[Robin S]

Welcome to the PW forums @j-w!

The thing you're asking about doesn't relate to PW as such - it's more an Apache question. As far as I know there isn't anything in the PW htaccess that would prevent you from using basic auth.

I don't think you can use <Location> in htaccess - that has to go in your virtual hosts config file. If you want to use htaccess then this Stack Overflow answer might help (it worked for me when I tested it): https://stackoverflow.com/a/14605066/1036672

Or see the answer to the same question for a virtual hosts example: https://stackoverflow.com/a/26980313/1036672 

[j-w]

Works like a charm... thanks for that!