Home/ Questions/Q 6599471
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-25T18:29:45+00:00

I was wondering if it was possible to setup a conditional http basic auth

  • 0

I was wondering if it was possible to setup a conditional http basic auth requirement based on the virtual host URL in an .htaccess file.

For example what I want to do is have mysite.com and test.mysite.com run off the same code base in the same directory but password protect test.mysite.com. It would be setup this way so that I wouldn’t need to branch my code since my app code can see which vhost/url it’s being served from and pick the database to serve content from.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You can sort of kludge this by using mod_setenvif along with the mod_auth modules. Use the SetEnvIfNoCase directive to set which host is password protected. You’ll need a couple of extra directives to satisfy access:

    # Check for the hostname here
SetEnvIfNoCase HOST ^test\.mysite\.com\.?(:80)?$ PROTECTED_HOST

    Then inside the Directory block (or just out in the open) you have your auth stuff setup, something like this:

    AuthUserFile /var/www/test.mysite.com/htpasswd
AuthType Basic
AuthName "Password Protected"

    Now for the require/satisfy stuff:

    Order Deny,Allow
Satisfy any
Deny from all
Require valid-user
Allow from env=!PROTECTED_HOST

    This will make it so any host that doesn’t match ^test\.mysite\.com\.?(:80)?$ will have access without need for auth (Allow from env=!PROTECTED_HOST) but otherwise, we need a valid user (Require valid-user). The Satisfy any ensures that we just need one of the 2, either the Allow or Require.

    • 0