views:

29

answers:

1

I have setup htpasswd authentication on my live site and it works great, but I don't want to be asked for a password when I am working on the development environment.

In my httpd.conf file I have:

SetEnv APP_ENV "development"

In my .htaccess file I have:

AuthName "Restricted Area"
AuthType Basic
AuthUserFile /path/to/file/.htpasswd
AuthGroupFile /dev/null
require valid-user

I was wondering if there was anyway of putting a conditional around the htppasswd stuff so that when APP_ENV is development that I don't get prompted for a password.

Is this possible?

+1  A: 

Conditionals in Apache config work only once, when the configuration is [re]loaded.

What I would do is create a second VirtualHost with the same root directory, and control access using Deny/Allow based on IP address there.

m1tk4