Support » Fixing WordPress » rewrite and password protected directories

  • I have searched high and low (including in the forums, the codex, google, you name it) for a non-equivocal answer, on why wordpress 2.x is generating 404 errors on password protected directories and how to force wordpress 2.x to ignore a specific directory or directories.

    The scenario is thus:

    WordPress installed in the top level directory of a domain, eg: /home/some_user/

    Password protected directory (via .htaccess) within the WordPress directory, eg:

    Is there a working method to control how wordpress based re-write rules are created? Specifically, I wish to exclude an entire sub-directory structure from the wordpress re-write rules.

    No, this cannot be reliably done from the .htaccess file within the WordPress install due to WP internally generating re-write rules on the fly and virtually ignoring the .htaccess file.. and yes, I have tried excluding the directory none-the-less.

    This seems to be an ongoing issue that’s just not being taken seriously. There are certain directories I wish to control access over, yet cannot due to the way WP now internally handles rewrite rules.

    One in particular, is a statisics directory for the hosted domain, that I do not have permissions to modify. As a result, WordPress prevents me from accessing this data solely due to the almost fanatical control WP now exerts over directory structures.

    I find that a little unnecessary. If anyone has managed to “out-smart” WordPress (preferably in a recent SVN build) and restored the ability to serve content from password protected directories, via .htaccess, I’m all ears.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Addendum: found a partial work-around – might actually create a plugin to handle directives like this rather than hack core wordpress files.

    I found this:

    Change $use_verbose_rules to true in WP-includes/classes.php. This will cause WP write the rules it needs dynamically into the root .htaccess file, instead of its default internal handling.

    On this site:




    This links to other
    that gives a solution without touching the code. But the .htaccess given there has a problem. The following should work (atleast it is working for me):

    #This is what I added
    ErrorDocument 401 /failed_auth.html
    #end added part

    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{REQUEST_URI} ^/stats/(.*)$ [OR]
    RewriteCond %{REQUEST_URI} ^/failed_auth.html$
    RewriteRule ^.*$ - [L]
    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php
    # END WordPress

    — KD

    PS: Posting here so that someone else searching for this can find it here.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘rewrite and password protected directories’ is closed to new replies.