The rewrite rule in Kirby’s .htaccess
is interfering with a .htpasswd
file.
Setup;
- /my-kirby-site/
- /my-kirby-site/piwik/
- /my-kirby-site/mibew/
The site is located in the first folder. The other two folders are subfolders of the Kirby site and contain an open source analytics tool and an open source chat tool (customer support).
In the root of the Kirby site, I’ve placed the default .htaccess
file, which contains those lines (and more, of course);
# make site links work
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*) index.php [L]
In my Piwik
and Mibew
folders, I’ve placed another .htaccess
file which contains those lines - in order to protect the folders from direct access;
<FilesMatch "whatever-login-for-both-mibew-and-piwik">
AuthType Basic
AuthName "That you 007? Identify yourself..."
AuthUserFile "/home/public_html/.htpasswd"
require valid-user
</FilesMatch>
But when I try to open the login address for Mibew / Piwik, I got a 500 error - file not found
.
The file
in this case is the .htpasswd
which can not be found (but it’s there, 100%).
When I delete this line (temporarily) from Kirby’s .htaccess
the .htpasswd
is found (and protecting the subfolders);
# make site links work
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# RewriteRule ^(.*) index.php [L]
(of course Kirby is not working any longer).
So it seems the rewrite rule
is also rewriting the location of the .htpasswd
, resulting in a 500 - not found on this server error
.
I tried to disable those particular subfolders from Kirby’s .htaccess
, placing a wildcard in the rewriterule, so .htpasswd
is not rewritten, turning of the rewrite engine
for those folders at all, etc… but nothing worked.
Is it possible to exclude some folders / files from the RewriteRule ^(.*) index.php [L]
rule, so I can protect some subfolders with a .htpasswd
?