Support » Fixing WordPress » Exempt a subdirectory from htaccess rewriting

  • I have a WordPress install, and for various reasons related to the host I’m using, I have the install at the web server root. For awhile now I have also had a subdirectory under the root where I keep files I want to link to. These links were always published as absolute url’s to a specific file, and they worked fine.

    Now I want to password protect a specific folder under that subdirectory, and I want to provide a directory listing.

    I downloaded a directory listing script, and dropped it into the topmost folder that I want to be private. The script is in index.php in that directory. I then added the following .htaccess in that directory:

    AuthName “Private Files”
    AuthType Basic
    AuthUserFile “/home/myuser/.htpasswd”
    AuthGroupFile /dev/null
    require valid-user

    Then in ~/ I placed the following .htpasswd file:


    The problem: whether I explicitly address the index.php script, or just the folder it resides in, WordPress jumps in and 404’s. Here is the WordPress .htaccess file:

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ – [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    # END WordPress

    If I understand these, the two RewriteCond directives should prevent rewriting when the target is an existing file, or a directory. However, it seems not to work. Fwiw, I checked the permissions on the listing index.php and containing folder and they’re consistent with the rest of the wordpress install.

    Just to recap the folder structure:

    /home/myuser/ <=== where .htpasswd is
    /home/myuser/public_html/ <=== wp root, wp .htaccess
    /home/myuser/public_html/misc/private/ <=== my .htaccess, directory listing script

    I have Googled around but so far haven’t found anything that gets WordPress out of the way for this specific subdirectory. Anyone have any clues?

Viewing 2 replies - 1 through 2 (of 2 total)
  • You probably need to put the following lines at the top of the WordPress .htaccess:

    ErrorDocument 401 /%{REQUEST_URI}/noerror.html
    ErrorDocument 403 /%{REQUEST_URI}/noerror.html

    You do not need the actual html file. It will just redirect to the Password login.

    Thank you very much webjunk, that worked like a charm. Now that I think about it the problem seems obvious. Thanks again, man.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Exempt a subdirectory from htaccess rewriting’ is closed to new replies.