问题
I'm testing out Amazon Cloudfront in our dev environment, which is protected by .htaccess/.htpasswd. The password protection on the dev server is causing all of the cloudfront.net assets to be password protected as well. And no username/password combination works.
What I need to do is allow cloudfront to access the dev server by poking some holes in the .htaccess protection.
I can get a list of IP addresses here but since they are subject to change, I was wondering if anyone knew of a better way.
I cannot remove the password protection unfortunately.
回答1:
Here's what I've been using:
SetEnvIf User-Agent ^Amazon Cloudfront$ cdn
SetEnvIf Host ^static.dev.website.com$ cdn # This could also be a cloudfront.net host
AuthType Basic
AuthName "Dev Site"
AuthUserFile /directory/location/.htpasswd
Require valid-user
Order Deny,Allow
Deny from all
Allow from env=cdn
Satisfy Any
Essentially, you need you exclude CloudFront-related requests, which the first two lines handle, in conjunction with the Allow from env=cdn line.
来源:https://stackoverflow.com/questions/24895965/amazon-cloudfront-and-htaccess