Is it possible to achieve this? For example I will have "website.com/index.php?skin=name" can I password protect only this url? (with no php changing only htaccess)
P.S. "website.com/index.php" or "website.com/index.php?skin=other_name" should not be restricted..
Thanks!
You can if you use mod-rewrite to rewrite the address to something else and protect that.
http://serverfault.com/questions/94964/apache-locationmatch-directive
You can't use LocationMatch, even though it would appear that you could.
Your best bet is to do it in PHP. A quick google search later and I found a great way to use PHP_AUTH which looks a lot like the .HTACCESS login prompt
You can rewrite the address to protect it like this:
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/index\.php$
RewriteCond %{QUERY_STRING} ^skin=(name)$
RewriteRule ^(.*)$ /skin/%1 [PT]
<LocationMatch "/skin/name">
AuthType Basic
AuthName "By Invitation Only"
AuthUserFile /path/to/passwords
Require valid-user
</LocationMatch>