htaccess trickery

I was looking the other day for a way to make a directory that is behind a .htaccess password protected directory accessible for anybody. Does that make any sense? For instance: www.somedomain.com/protected is password protected directory. I wanted anybody to be able to access www.somedomain.com/protected/notthisone/ without a password. After a little searching I found the following trick:

AuthType Basic
AuthName “Anybody”
AuthUserFile /path/to/some/autfile

Require valid-user

Allow from All
Satisfy Any

I’m actually not sure if I need all of the above or if I can just get away with “Allow from All” and “Satisfy Any”.

So basically by adding “Allow from All” you say anybody is allowed to access this directory. The “Satisfy Any” makes sure that you can access it either when you have already entered the password or when you don’t have a password.

A nice way to circumvent .htaccess directory protection.

Leave a Reply

Your email address will not be published. Required fields are marked *