Skip to Content

Apache-url-auth

We received a request to add http auth on URL level, here is a one way to implement with Apache modenv module:

1. Assume site is www.example.com
2. Assume you want to block /url*
2. Assume you have setup a passwd file: /etc/httpd/passwd

Code:

<Directory "/data/web/www.example.com/">
    Options FollowSymLinks
    AllowOverride All

    # If URL match, need auth: 
    SetEnvIf Request_URI  ^/url(\/)?   require_auth=true
    # Block he following:
    #https://www.example.com/url/
    #https://www.example.com/url-2/_edanz
    #https://www.example.com/url-3/_edanz

    # Auth
    AuthName "Auth Required"
    AuthType Basic
    AuthUserFile  /etc/httpd/passwd

    # Setup a deny/allow
    url Deny,Allow
    # Deny from everyone
    Deny from all
    # except if either of these are satisfied
    Satisfy any
    # 1. a valid authenticated user
    Require valid-user
    # or 2. the "require_auth" var is NOT set
    Allow from env=!require_auth
</Directory>

Refer: