Skip to main content
HTTP Authentication

HTTP Authentication for specific domain in Multisite environment

I'm running a multisite Drupal installation, Drupal's multisite allows me to run different websites off the same set of PHP files, but with different databases (so different content). Like example.com, example1.com, and example2.com. All of them point to single folder in my server.
 
What should be added to .htaccess file to use http authentication only for example2.com without affecting others (example.com and example1.com).
 
I have used below code to achieve what i want..
 
  1. set the "require_auth" var if Host ends with "example2.com"
  2. SetEnvIfNoCase Host example2\.com$ require_auth=true
  3.  
  4. # Auth stuff
  5. AuthUserFile /var/www/htpasswd
  6. AuthName "Password Protected"
  7. AuthType Basic
  8.  
  9. # Setup a deny/allow
  10. Order Deny,Allow
  11. # Deny from everyone
  12. Deny from all
  13. # except if either of these are satisfied
  14. Satisfy any
  15. 1. a valid authenticated user
  16. Require user valid-user-name
  17. or 2the "require_auth" var is NOT set
  18. Allow from env=!require_auth
 
This will make it so authentication is not required unless the host ends with example2.com (e.g. www.example2.com, dev.example2.com, etc). The expression can be tweaked if needed. Any other host will cause the require_auth var not to get set so authentication is not required. If this needs to be the other way around, the last line could be changed to: Allow from env=require_auth, removing the !.