Wordpress RewriteRule Conflicts with .passwd

Question

In my root .htaccess file I have the following Wordpress code:

RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /wordpress/index.php [L]

Slightly different to the standard code because the Wordpress files are in a "wordpress" directory but rewrites still appear relative to the domain root. For example a blog post can be called site.com/this-is-a-blog-post.php and the rewrite works.

This works great except when I want to use htpasswd to protect a directory on the site. If I add the following code to a .htaccess file in any directory I get a 404 when trying to browse to that directory:

AuthName "Private"
AuthUserFile "/home/passwd"
AuthType Basic
require valid-user

This code works correctly when the last line of the Wordpress rewrite code is commented out, but with the Wordpress code intact my password protected directory gives a 404.

So I have a conflict between the two .htaccess files somehow. I have tried writing a bunch of RewriteCond's to try and exclude the subdirectory with the password applied but can't nail it.

Answer 1

Ok, Murphy's Law, just worked it out after posting the question!

The extra condition needed for the Wordpress rewrite is:

RewriteCond %{REQUEST_URI} (/|\.htm|\.php|\.html|#.*|\?.*|/[^.]*)$  [NC]

So the complete Wordpress rewrite code becomes:

RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (/|\.htm|\.php|\.html|#.*|\?.*|/[^.]*)$  [NC]
RewriteRule . /wordpress/index.php [L]

Now I'll go finish my humble pie.