Confused with mod_rewirte

The .htaccess in the most matching directory superseedes another one. For Example the one in /private/ will superseede the one in /.

While you’re reading this, you might ask yourself then, why the hell is /private then not working like expected? Well, because Apache things that private is a file inside / and not the directory /private/ (see the slash (/) at the end.

The overall problem is called canonical URLs. That means, URLs that end in a directory should be auto-slashed by a redirect.

You can find this explained as the first Example in the Url-Rewriting-Guide in Apache 1.3 Configuration.

Yeah, except that doesn’t explain why “foo” works just fine, and adding a / to the end of private doesn’t help.

oh, also if i remove .htaccess from private it starts working. so i guess i’m confused why if the private .htaccess says nothing about redirection, does it go all funny?

bignose, now I completely can not follow you any more. The way you write is too chaotic for me so I can recorgnize a known pattern. Please excuse but my english is not my mother-language and I do not know your very certain server setup.

Pretty simple… ??

https://www.bignose.ca/foo and https://www.bignose.ca/foo/ both work as desired.

https://www.bignose.ca/private and https://www.bignose.ca/private/ do not work.

The only difference between foo and private, is that private contains a .htaccess file that looks like this:

require valid-user
AuthName “MacDonald Family Only”
AuthUserFile /usr/home/bignose/www-etc/macdonald.pwd
AuthType basic

Jeff.

The problem with using subdirectories with authentication is a known issue. A workaround is to create an empty file in your web root called “onerror.html” and then to add these lines to the main .htaccess, before the WordPress rules:

ErrorDocument 401 /onerror.html
ErrorDocument 403 /onerror.html

Change the path as appropriate for your setup, of course.

If you want to know *why* this works, then the answer is a bit involved… password protection works by the protected directory throwing a 401 error back to the browser when it doesn’t send the right credentials. But a 401 error can still have content. In this case, the 401 error is intercepted by WordPress’ rewrite rules and redirected to WordPress. By pre-empting it with a ErrorDocument, you make the rewrite condition of !-f fail because the file exists, and thus WordPress won’t attempt to take over 401 errors any more.

Otto42 : Thank you ! ??

I haven’t tried it yet, but I do appreciate you taking time to explain it. Many thanks.

Jeff.

Works perfectly, thanks.

Should something like this be added to workpress, or made into a plugin of sorts?

Jeff.