I want to htpasswd protect a single file not files in subdirectories

Question

I have a .htpasswd file in the root of my domain and a .htaccess file which should protect a single index.php file. Unfortunately it appears asif index.php files in subdirectories are also protected. Is it possible to make this work on a single file and leave files in subdirectories untouched?

This is my current .htaccess file.

<Files "index.php">
AuthName "Users zone"
AuthType Basic
AuthUserFile /home/deb69824/domains/.htpasswd
require valid-user
</Files>

Answer 1

Interesting problem. Using Files or FilesMatch won't help you since that only matches file names irrespective of the directory files reside in. Unfortunately Location directive is not allowed in .htaccess file.

Luckily there is a directive that you can make use of here, i.e. mod_setenvif

# set env variable if URI is /index.php
SetEnvIf Request_URI "^/index\.php$" HOME_INDEX

# use BASIC authentication only when env variable HOME_INDEX is set
AuthType Basic
Authname "Users zone"
AuthUserFile /home/deb69824/domains/.htpasswd

Require valid-user
Satisfy any
Order   allow,deny
Allow from all
Deny from env=HOME_INDEX

Answer 2

Include a slash, which indicates the exact location of the file, e.g. in the root of the directory?

<Files "./index.php">
AuthName "Users zone"
AuthType Basic
AuthUserFile /home/deb69824/domains/.htpasswd
require valid-user
</Files>