htpasswd and iThemes Security

  • Hello,

    I’m trying to set up a basic authentication of HTTP users with htpasswd. However, if the plugin is enabled, the following lines are not taken into account:

    AuthUserFile /home/website/www/.htpasswd
AuthName "Protected Site"
AuthType Basic
Require valid-user

    I have seen the following code in the iThemes Security Config Details of the htaccess file:

    <RequireAll>
    Require all granted
    ...
</RequireAll>

    Is there a way to combine basic authentication and the previous directive within the same htaccess file?

    Thanks in advance ??

Viewing 2 replies - 1 through 2 (of 2 total)

  • I was just looking to do the exact same thing.

    I’m not an Apache configuration expert but I think the Require all granted in the .htaccess will override the Require valid-user in all cases.

    There might be some advanced configuration possible to override it – interested if anyone has any ideas.

    I have simply disabled Configure->Lockouts->Ban Users->Enable ban lists checkbox, which removes the Require all from the .htaccess section; this is OK for me as I only have a small handful of known users with access via the AuthUserFile, but it may not be suitable in all circumstances.

    Thread Starter oscarasking

    (@oscarasking)

    @trogau, thanks for the tip. It worked for me too. Since it is a staging site, I don’t need to have the ban lists enabled neither.

    I am interested too if anyone has any ideas, without disabling this option.

    Thanks!

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘htpasswd and iThemes Security’ is closed to new replies.