Jeff Sherk Forerunner Ministries wrote:
I have authtype basic setup on a folder (https://mydomain.com/myfolder) and would like to redirect the addresses below to it first and then have it ask for username and password:http://mydomain.com/myfolder http://www.mydomain.com/myfolder https://www.mydomain.com/myfolder (the above 3 should all be redirected to https://mydomain.com/myfolder)Without the rewriterule, all 4 urls are accessible as is (and ask for username & password).Here is my htaccess file so far, but what it appears to do is always ask for the username and password first and then redirect second. I want it to redirect first and then ask for username and password, so that you cannot enter your username & password with regular http but have to use https.
Thatś entirely the wrong approach. Since you want password protection in your secure vhost, define it there. Not in some .htaccess, and especially not one which is shared with another vhost where it's not wanted. It becomes a lot easier if it (or at least the protected area) also doesn't share a directory with the other vhost. As for the question in your subject line, rewriterules in a Directory context (which includes htaccess) run after authnz. -- Nick Kew --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx