Htaccess-Authentication based on Host name

Let’s say you have a multisite installation with several (sub)domains pointing to the same document root. Now, you want to protect with ht-authentication while stays publicly available.
Please welcome Apache’s setEnvIf as your friend:

AuthName "Private" 
AuthType Basic 
AuthUserFile /var/www/.htpasswd
require valid-user

SetEnvIf Host secure_content

Order Allow,Deny
Allow from all
Deny from env=secure_content

Satisfy Any


Leave a Reply