I have a two sites. One site is symlinked into a sub folder of the first e.g.
Site1 |-foo |-bar |-symlinked-site -> /var/www/site2/ |-etc...
So in the browser url I get something like
Site 1 has an httaccess auth rule set up like so in the root folder;
# Do the regex check against the URI here, if match, set the "require_auth" var SetEnvIf Request_URI ^/path/to/auth-only/dir require_auth=true # Auth stuff AuthUserFile /var/www/site1.com/htpasswd AuthName "Password Protected" AuthType Basic # Setup a deny/allow Order Deny,Allow # Deny from everyone Deny from all # except if either of these are satisfied Satisfy any # 1. a valid authenticated user Require valid-user # or 2. the "require_auth" var is NOT set Allow from env=!require_auth
For some reason Site 2 is getting a prompt for the password, but I cannot figure out why it would do so, and I've tried a few variations of forcing
Allow from all or replicating the full auth config from site 1 to site 2.
I've checked the environment variables in
require_auth does not exist in on the second site. If I modify the rule to set
require_auth on the valid url of site 2 then I can get the
require_auth variable to show up, so I'm not sure why any part of the htaccess rule would prompt for this password.
Is there anyway I can explicitly turn off any kind of ht password check for the site 2 file path, I do not require it at all.