htaccess rewrite and auth conflict

Question

I have 2 directories each with a .htaccess file:

html/.htaccess - There is a rewrite in this file to send almost everything to url.php

RewriteCond %{REQUEST_URI} !(exported/?|\.(php|gif|jpe?g|png|css|js|pdf|doc|xml|ico))$
RewriteRule (.*)$ /url.php [L]

and html/exported/.htaccess

AuthType Basic
AuthName "exported"
AuthUserFile "/home/siteuser/.htpasswd"
require valid-user

If I remove html/exported/.htaccess the rewriting works fine and the exported directory can be access. If I remove html/.htaccess the authentication works fine.

However when I have both .htaccess files exported/ is being rewritten to /url.php. Any ideas how I can prevent it?

Answer 1

I think you may have meant this for your regex:

RewriteCond %{REQUEST_URI} !(^exported/?|\.(php|gif|jpe?g|png|css|js|pdf|doc|xml|ico)$)
RewriteRule (.*)$ /url.php [L]

Does html/exported/exported/ work in your current setup by any chance?

Answer 2

If you do not need any rewriting to occure in /html/exported/, why not to just turn off Rewriting engine in that folder: RewriteEngine Off