WordPress.org

1. skippybosco
   Member
   Posted 5 years ago #
   

   I have WordPress 2.51 up and running splendid using the following .htaccess in my root:

   # END Set Expire Date
   <IfModule mod_expires.c>
   ExpiresActive On
   ExpiresByType text/html "access plus 1 seconds"
   ExpiresByType image/gif "access plus 2 years"
   ExpiresByType image/doc "access plus 1 weeks"
   ExpiresByType image/pdf "access plus 1 weeks"
   ExpiresByType image/zip "access plus 1 weeks"
   ExpiresByType image/jpeg "access plus 2 years"
   ExpiresByType image/png "access plus 2 years"
   ExpiresByType text/css "access plus 2 years"
   ExpiresByType text/javascript "access plus 2 years"
   ExpiresByType application/x-javascript "access plus 2 years"
   </IfModule>
   
   # END GZip if possible
   <IfModule mod_rewrite.c>
   RewriteEngine On
   RewriteCond %{HTTP:accept-encoding} gzip
   RewriteCond %{REQUEST_FILENAME} !^.+\.gz$
   RewriteCond %{REQUEST_FILENAME}.gz -f
   RewriteRule ^(.+) $1.gz [L]
   
   # If subdomain www exists, remove it first
   RewriteCond %{HTTP_HOST} ^www\.([^\.]+\.[^\.]+)$ [NC]
   RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
   # If requested resource does not exist as a file
   RewriteCond %{REQUEST_FILENAME} !-f
   # and does not end with a period followed by a filetype
   RewriteCond %{REQUEST_URI} !..+$
   # and does not end with a slash
   RewriteCond %{REQUEST_URI} !/$
   # then add a trailing slash and redirect
   RewriteRule (.*) $1/ [R=301,L]
   </IfModule>
   
   # WordPress upload fix
   <IfModule mod_security.c>
   <Files async-upload.php>
   SecFilterEngine Off
   SecFilterScanPOST Off
   </Files>
   </IfModule>
   
   # BEGIN WordPress
   <IfModule mod_rewrite.c>
   RewriteBase /
   RewriteCond %{REQUEST_URI} ^/lectures/ [OR]
   RewriteCond %{REQUEST_FILENAME} !-f
   RewriteCond %{REQUEST_FILENAME} !-d
   RewriteRule . /index.php [L]
   </IfModule>
   # END WordPress

   I have a subdirectory, /podcasts, that I am password protecting using a .htaccess located in that directory:

   AuthType Digest
   AuthName "Protected PodCast"
   AuthDigestFile /usr/local/apache/conf/digest_passwd
   Require valid-user

   This works great if I remove the above .htaccess from the root of my server, but not if it exists.

   I've narrowed it down to this part of the root .htaccess that is breaking it:

   # BEGIN WordPress
   <IfModule mod_rewrite.c>
   RewriteBase /
   RewriteCond %{REQUEST_URI} ^/lectures/ [OR]
   RewriteCond %{REQUEST_FILENAME} !-f
   RewriteCond %{REQUEST_FILENAME} !-d
   RewriteRule . /index.php [L]
   </IfModule>
   # END WordPress

   Any suggestions on how I can get this configuration to work?

   Thanks so much!

2. DianeV
   Member
   Posted 5 years ago #
   

   Yep, I've seen the same thing, and not necessarily having anything to do with WordPress.

   I've been a little lazy about researching this but, essentially, it appears that on Apache web servers if there's an .htaccess file in a subfolder, whatever was in .htaccess file(s) above that does not pertain to the subfolder. Kind of as if the existence of an .htaccess in the subfolder wipes out any .htaccess instruction from above.

   Very annoying. :)

   The part that you've narrowed down is the WordPress mod_rewrite stuff; if this were me, I'd just copy it into the subfolder's .htaccess file.

3. skippybosco
   Member
   Posted 5 years ago #
   

   Thanks Diane.

   I'm thinking somehow disabling the Rewrite Rules in the .htaccess may be the trick to getting the Digest security working?

   Surprised no one else has run into this before.

4. skippybosco
   Member
   Posted 5 years ago #
   

   Ok, found the solution to my problem.

   For those having difficulties with mod-rewrite and subdirectories with protected content:
   --
   http://wordpress.org/support/topic/142943
   --
   Essentially the workaround is to add this into the root .htaccess just before the wordpress entry:

   ErrorDocument 401 /onerror.html
   ErrorDocument 403 /onerror.html

5. DianeV
   Member
   Posted 5 years ago #
   

   Ah, I didn't realize from your description that that was the problem. Yes, I've had to do this myself on a number of sites.

Topic Closed

This topic has been closed to new replies.