Different .htpasswd for subfolder? [closed]

Question

Closed. This question is off-topic. It is not currently accepting answers.

---

Want to improve this question? Update the question so it's on-topic for Stack Overflow.

Closed 8 years ago.

Improve this question

The root folder of a web app is protected with a .htaccess/.htpasswd file. That works fine even with sub-folders, and everything is perfect.

Now I have to password protect a subfolder using a different .htpasswd file. I tried using a new .htaccess/.htpasswd combo into the subfolder and it kinda works, except for the fact that I need to enter two usernames and passwords (one for the subfolder and one for the .htaccess/.htpasswd in the root folder).

Is there a way to avoid that?

Thanks

Answer 1

There is no straight-forward way to do that. My solution would be to explicitly define the directories that require valid user (using the root .htpasswd), and exclude the directory which has its own authentication. ex:

.htaccess (root)
AuthUserFile /full/path/to/.htpasswd
AuthType Basic
AuthName "My Secret Page"

<Directory "/var">
  Require valid-user
</Directory>

<Directory "/etc">
  Require valid-user
</Directory>

In the subfolder ex "/users" you'll place the custom .htaccess and .htpasswd which will manage the authentication.

Of course always check if your user entry in the .htpasswd is supported by the operating system.