getting “authentication required” when requesting / instead of /index.php

Question

On my server I have the following .htaccess file:

DirectoryIndex index.php

AuthType Basic
AuthName \"Password Required\"
AuthUserFile /var/www/webinterface/         


        

Answer 1

Try replacing the block to use mod_setenvif to check the request URI instead of using <Files>. The mod_auth* modules has precedence over mod_dir so the mapping from / to /index.php doesn't happen until after the auth takes place. Mod_setenvif will occur before the auth. Try:

SetEnvIf Request_URI "^/$" allow=yes
SetEnvIf Request_URI "^/index.php$" allow=yes

AuthType Basic
AuthName "Password Required"
AuthUserFile /var/www/webinterface/.htpasswd
Options +FollowSymLinks
Order Deny,Allow
Satisfy any
Deny from All
Require valid-user
Allow from env=allow

If the requested URI is exactly / or /index.php, the variable allow gets set. The stuff after the Auth lines say to deny everything except a valid user or if the variable allow has been set.