HTTP Authentication for a single URL

I have enabled HTTP Authentication for my site using the following rules in my .htaccess file:

AuthType Basic
AuthName "Authentication Required"
AuthUserFile /srv/users/SYSUSER/apps/APPNAME/public/.htpasswd
Require valid-user

I'd like the HTTP Authentication to only affect my back-end login page and not the front-end login. Please advice.

  • Talal
    • WPMU DEV Initiate

    Thank you for your quick reply, the solution seems to work. But it still does route the front url to the identifier link, which then requires the authentication.

    I have a front login url and this is the code running to allow front end login. Can you check to see if there is another way I can use the allow for front end login.

    Thank You
    Talal

    <?php
    if ( ! is_user_logged_in() ) { // Display WordPress login form:
    $args = array(
    'redirect' => admin_url(),
    'form_id' => 'loginform-custom',
    'label_username' => __( 'USERNAME' ),
    'label_password' => __( 'PASSWORD' ),
    'label_remember' => __( 'Remember Me' ),
    'label_log_in' => __( 'Log In' ),
    'remember' => true
    );
    wp_login_form( $args );
    } else { // If logged in:
    wp_loginout( home_url() ); // Display "Log Out" link.
    echo " | ";
    wp_login_url( home_url() ); // Display "Home Page" link.
    }
    ?>
    <div class="form-login__extra">

    </div>

  • Talal
    • WPMU DEV Initiate

    I thought I would give you a better explanation.

    The solution you proposed does work for the backend login, but when I try to login using the front end. (site url/login) using the code above, once I click on (login), the authentication box pops up and the url changes to the identifier url.

    Thank you for your time.
    Talal

  • Rupok
    • Support Ninja

    Hi Talal,

    I'd like the HTTP Authentication to only affect my back-end login page and not the front-end login.

    If I understood you correctly, then you want to protect the Dashboard area with HTTP Authentication, correct? If yes, then can you please try putting the following code in your .htaccess file and check if that serves your purpose?

    <FilesMatch "wp-login.php">
    AuthName "Member Only"
    AuthType Basic
    AuthUserFile /srv/users/SYSUSER/apps/APPNAME/public/.htpasswd
    require valid-user
    </FilesMatch>

    Please let us know if that doesn't serve your purpose. We will be very glad to assist further.

    Regards,
    Rupok

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.