发表新帖
发表新帖

How to use a RELATIVE path with AuthUserFile in htaccess?

后端 未结
关注
9 1375
我在风中等你
我在风中等你 2021-01-31 12:51

I have a .htaccess that uses basic authentication. It seems the path to the .htpasswd file isn\'t relative to the htaccess file, but instead to the server config.

So eve

相关标签:
9条回答
  • 我在风中等你
    2021-01-31 13:40

    1) Note that it is considered insecure to have the .htpasswd file below the server root.

    2) The docs say this about relative paths, so it looks you're out of luck:

    File-path is the path to the user file. If it is not absolute (i.e., if it doesn't begin with a slash), it is treated as relative to the ServerRoot.

    3) While the answers recommending the use of environment variables work perfectly fine, I would prefer to put a placeholder in the .htaccess file, or have different versions in my codebase, and have the deployment process set it all up (i. e. replace placeholders or rename / move the appropriate file).

    On Java projects, I use Maven to do this type of work, on, say, PHP projects, I like to have a build.sh and / or install.sh shell script that tunes the deployed files to their environment. This decouples your codebase from the specifics of its target environment (i. e. its environment variables and configuration parameters). In general, the application should adapt to the environment, if you do it the other way around, you might run into problems once the environment also has to cater for different applications, or for completely unrelated, system-specific requirements.

    0 讨论(0)
  • 南笙
    2021-01-31 13:41

    I know this is an old question, but I just searched for the same thing and probably there are many others searching for a quick, mobile solution. Here is what I finally come up with:

    # We set production environment by default
SetEnv PROD_ENV 1

<IfDefine DEV_ENV>
  # If 'DEV_ENV' has been defined, then unset the PROD_ENV
  UnsetEnv PROD_ENV

  AuthType Basic
  AuthName "Protected Area"
  AuthUserFile /var/www/foo.local/.htpasswd
  Require valid-user
</IfDefine>

<IfDefine PROD_ENV>
  AuthType Basic
  AuthName "Protected Area"
  AuthUserFile /home/foo/public_html/.htpasswd
  Require valid-user
</IfDefine>
    0 讨论(0)
  • 清歌不尽
    2021-01-31 13:44

    you may put your Auth settings into a Environment. Like:

    SetEnvIf HTTP_HOST testsite.local APPLICATION_ENV=development
<IfDefine !APPLICATION_ENV>
  Allow from all
  AuthType Basic
  AuthName "My Testseite - Login" 
  AuthUserFile /Users/tho/htdocs/wgh_staging/.htpasswd
  Require user username
</IfDefine>

    The Auth is working, but I couldn't get my environment really running.

    0 讨论(0)
 看不清?
提交回复
热议问题