Hello,
I have a CakePHP Application which I want to protect with a password. The tricky thing is, that all files/locations should be only accessible with a password EXCEPT one specific Address (a function withing a CakePHP-controller)
The Address is like that:
http://example.com/MyApp/MyController/MyFunction?MyParam=MyValue
All other locations should be only accessible with a password
http://example.com/MyApp/MyController/MyOtherFunction
http://example.com/MyApp/MyController/MyOtherFunction
http://example.com/MyApp/MyOtherController/MyOtherFunction
Well, I tried it first in the root .htaccess
-File, but the whole rewrite-thing of CakePHP makes it very difficult and in .htaccess-Files are no <LocationMatch>
directive allowed. So I tried it with <FilesMatch>
, but the real File is always the same: index.php
. mod_rewrite rewrites all Addresses to
In the next step I tried it in the apache-configuration and put there this section
<LocationMatch ^/MyApp/MyController/MyFunction.*>
AuthType Basic
AuthName "Secure Area"
AuthUserFile /path/to/.htpasswd
Require user MyUser
</LocationMatch>
Well the regex matched, but it was the wrong way. It protects MyFunction but not the rest.