Support » Fixing WordPress » htaccess questions

  • Hi, I’m new and could use some help. I’ve searched first, but didn’t quite understand some of the problems folks are having with htaccess, and I have an issue that I’d really appreciate some help with as well.

    Here’s my scenario. I have WordPress installed successfully on the root level of a domain and have enabled the friendly url structure and everything works great.

    Here’s my problem. I also have a subdirectory off the root level domain we’ll call /test in which I need to password protect the entire directory. I’ve created an htaccess file from my cpanel of my host but it appears as if WordPress is not allowing the processing of the htaccess file in my subdirectory because if I delete the htaccess file in the root of my wordpress install, my prompts to enter a user name and password in the directory I’ve protected work fine. If I add back the htaccess for wordpress in the root directory, then when I try to access my password protected subdirectory, I am simply redirected back to my main wordpress page and so I can’t access my login screen for the other program that is installed in a subdirectory off of the main root directory.

    Can anyone help me with specific examples of exactly what I can put in the htaccess file to cause WordPress to ignore certain directories and allow existing htaccess files to be processed? I’ll need real clear samples as I’m brand new and understand I think what the problem is yet I do not have any technical expertise in terms of how to solve it. Thank you so much for any help or insight anyone can provide.

Viewing 6 replies - 1 through 6 (of 6 total)
  • Moderator Samuel Wood (Otto)

    (@otto42) Admin

    There’s nothing special you should have to do. The rules in WordPress’ htaccess file don’t take effect if the requested file and/or directory exist.

    So if you make a /test directory and stick, say, a file test.html in it, then should work fine. htaccess rules in that directory will be obeyed as well.

    The only problem is if you’re trying to use redirects or something else. WordPress’s htaccess rules only check for the existance of actual files and directories underneath it’s own structure. If you’re trying to use a URL that is a rewrite and not an actual file, then the WordPress rules will take over (because the file is not found) and it’ll redirect to your blog.

    Hi, thanks so much for the info, but I must have done something wrong because I cannot access any of the files in my subdirectory which are password protected.

    Here’s my .htaccess file in the root WordPress directory.

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]

    # END WordPress

    Here’s my .htaccess file in the /test subdirectory

    AuthType Basic

    AuthName “Restricted Area”

    AuthUserFile “/home/domainname/.htpasswds/test/passwd”

    require valid-

    When I type in or even I am always redirected to the wordpress blog. If I delete the htaccess file in my root wordpress directory, the password protection in /test works great–just can’t seem to get them both cooperating
    “nicely” together.

    Appreciate so much your taking the time to reply.

    Take the .htaccess from your “test” sub directory.
    Put the same verbage/rules in the root .htaccess before the WP stuff and it will work fine.
    I have the same arrangement on several blogs.

    Moderator Samuel Wood (Otto)

    (@otto42) Admin

    samboll: Can’t do that, he only wants the test directory to be password protected, not the whole thing.

    Anyway, that should work as it stands. The !-f is the trick there, it checks to make sure that the requested file does not already exist before forcing the index.php rewrite.

    Works great now! Thanks a million for the help.

    I spoke too soon on the htaccess problem and was thinking I had it solved, but when following samboll’s instructions, it is true that I am prompted for a user name and password when trying to access the password protected directory, but I am also prompted for a password when accessing the main site as well.

    I’m not sure that I understand what Otto42 means when using the !-f parts. If anyone could tell me specifically what else to try it would be very helpful. I’ve tried all day today with various options, but I don’t know enough about what this all means and it’s like throwing a dice in terms of my being able to fix it on my own. So back to the experts here for some more advise:-)

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘htaccess questions’ is closed to new replies.