On 07/08/07, Henry Cavillones <henry.cavillones@xxxxxxxxx> wrote: > ok so i have this vhost directory container which is also the vhosts > docroot: It would probably help to see the vhost too as it's unclear if this directory block is actually in it, and if it isn't, whether there's another block that could override this one. > <Directory "/usr/local/sites/somedir/htdocs"> > AllowOverride All > DirectoryIndex index.html > AuthName "SomeProj: Authorized Access Only" > AuthType Basic > AuthUserFile > /usr/local/sites/someproj.htpasswd > Require valid-user > <FilesMatch "\.(png|gif|flv|js)$"> > Allow from All > Satisfy Any > </FilesMatch> > </Directory> > > This is as far as ive gone with no success, currently any URL i request > requires authentication. > > Im trying to figure out how to only allow unauthenticated access to > requested URLs that have png,gif,flv or js in them. > Otherwise authentication is necessary. The request URL can be as deep as it > wants (for example: /js/ver/whatever/publisher.js or /admin.js ) > > Oh and by the way, when the acceptable URL request is made it is re-written > by this rule: > RewriteRule > ^/js/ver([0-9]+)/([0-9|a-f]{8})/publisher\.js$ > /js/someproj.php?version=$1&publisher_hash=$2 [L] This could be a problem. FilesMatch tries to match the name of a physical file, I believe, so it could be that that block isn't matching. Try LocationMatch instead, or, use something like a simple Redirect in the block to see if it's matching. Again however seeing this RewriteRule out of context doesn't help much as I can't see how it fits with your other directives. -- noodl --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx