HTTP Authentication for Specific Domain in Multisite Environment
- Drupal
- HTTP
I'm running a multisite Drupal installation, Drupal's multisite allows me to run different websites off the same set of PHP files, but with different databases (so different content). Like example.com, example1.com, and example2.com. All of them point to a single folder on my server.
What should be added to the .htaccess file to use HTTP authentication only for example2.com without affecting others (example.com and example1.com).
I have used the below code to achieve what I want.
- # set the "require_auth" var if Host ends with "example2.com"
- SetEnvIfNoCase Host example2\.com$ require_auth=true
- # Auth stuff
- AuthUserFile /var/www/htpasswd
- AuthName "Password Protected"
- AuthType Basic
- # Setup a deny/allow
- Order Deny,Allow
- # Deny from everyone
- Deny from all
- # except if either of these are satisfied
- Satisfy any
- # 1. a valid authenticated user
- Require user valid-user-name
- # or 2. the "require_auth" var is NOT set
- Allow from env=!require_auth
This will make it so authentication is not required unless the host ends with example2.com (e.g. www.example2.com, dev.example2.com, etc). The expression can be tweaked if needed. Any other host will cause the require_auth var not to get set so authentication is not required. If this needs to be the other way around, the last line could be changed to: Allow from env=require_auth, removing the !.