I have a Wordpress install, and for various reasons related to the host I'm using, I have the install at the web server root. For awhile now I have also had a subdirectory under the root where I keep files I want to link to. These links were always published as absolute url's to a specific file, and they worked fine.
Now I want to password protect a specific folder under that subdirectory, and I want to provide a directory listing.
I downloaded a directory listing script, and dropped it into topmost folder that I want to be private. The script is in index.php in that directory. I then added the following .htaccess in that directory:
AuthName "Private Files"
AuthType Basic
AuthUserFile "/home/myuser/.htpasswd"
AuthGroupFile /dev/null
require valid-user
Then in ~ I placed the following .htpasswd file:
user😛wdhash
The problem: whether I explicitly address the index.php script, or just the folder it resides in, Wordpress jumps in and 404's. Here is the Wordpress .htaccess file:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
If I understand these, the two RewriteCond directives should prevent rewriting when the target is an existing file, or a directory. However, it seems not to work. Fwiw, I checked the permissions on the listing index.php and containing folder and they're consistent with the rest of the wordpress install.
Just to recap the folder structure:
/home/myuser/ <=== where .htpasswd is
/home/myuser/public_html/ <=== wp root, wp .htaccess
/home/myuser/public_html/misc/private/ <=== my .htaccess, directory listing script
I have Googled around but so far haven't found anything that gets Wordpress out of the way for this specific subdirectory. Anyone have any clues?
Now I want to password protect a specific folder under that subdirectory, and I want to provide a directory listing.
I downloaded a directory listing script, and dropped it into topmost folder that I want to be private. The script is in index.php in that directory. I then added the following .htaccess in that directory:
AuthName "Private Files"
AuthType Basic
AuthUserFile "/home/myuser/.htpasswd"
AuthGroupFile /dev/null
require valid-user
Then in ~ I placed the following .htpasswd file:
user😛wdhash
The problem: whether I explicitly address the index.php script, or just the folder it resides in, Wordpress jumps in and 404's. Here is the Wordpress .htaccess file:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
If I understand these, the two RewriteCond directives should prevent rewriting when the target is an existing file, or a directory. However, it seems not to work. Fwiw, I checked the permissions on the listing index.php and containing folder and they're consistent with the rest of the wordpress install.
Just to recap the folder structure:
/home/myuser/ <=== where .htpasswd is
/home/myuser/public_html/ <=== wp root, wp .htaccess
/home/myuser/public_html/misc/private/ <=== my .htaccess, directory listing script
I have Googled around but so far haven't found anything that gets Wordpress out of the way for this specific subdirectory. Anyone have any clues?
Last edited:
