Welcome Guest, Not a member yet? Register   Sign In
htaccess / admin area

I have a site built on codeigniter using the below htaccess file which removes the need for index.php:

RewriteEngine On
RewriteBase /domain.com
RewriteCond %{REQUEST_URI} ^system.*
RewriteRule ^(.*)$ /index.php/$1 [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L]

I have an admin section on a controller/view called admin. When I go to domain,com/admin I want it to ask for a password. Using the below htaccess in the admin folder doesn't work though - any ideas?

AuthType Basic
AuthName "Admin"
AuthUserFile /home/website/application/views/admin/.htpasswd


Hi Daniel_E9,

I think that you have to create a physical folder on you server at the home directory :www/admin/
and copy the CI index.php to this folder and change the the variables :
$application_folder = "../application";

then you have to create another .htaccess file inside this folder :www/admin/

and put the right (rewriteRules) to this file

finally you have to protect this folder using your hosting tool :
Cpanel : Password protected directories .
Godaddy : check you folder then choose permission.

the tool will create every thing for you and will place the .htaccess on the folder then you can alter the (RewriteRules)

and you are ready to go..

[eluser]Mat Marlow[/eluser]
I managed to get the above method to work WITHOUT the authentication, but when I add the Auth rules, I get a password input and then a 500 error when I get through. If I comment the Auth rules again, it works fine.
So I have a directory called /admin which has the CI index file with the systems and application directories re-pointed as per the above post, and the following .htaccess file.

AuthName "Restricted Area"
AuthType Basic
AuthUserFile C:/wamp/www/mysite/.htpasswd
require valid-user

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /admin/

    #Removes access to the system folder by users.
    #Additionally this will allow you to create a System.php controller,
    #previously this would not have been possible.
    #'system' can be replaced if you have renamed your system folder.
    RewriteCond %{REQUEST_URI} ^system.*
    RewriteRule ^(.*)$ index.php?/$1 [L]
    #When your application folder isn't in the system folder
    #This snippet prevents user access to the application folder
    #Submitted by: Fabdrol
    #Rename 'application' to your applications folder name.
    RewriteCond %{REQUEST_URI} ^application.*
    RewriteRule ^(.*)$ index.php?/$1 [L]

    #Checks to see if the user is attempting to access a valid file,
    #such as an image or css document, if this isn't true it sends the
    #request to index.php
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)$ index.php?/admin/$1 [L]

<IfModule !mod_rewrite.c>
    # If we don't have mod_rewrite installed, all 404's
    # can be sent to index.php, and everything works as normal.
    # Submitted by: ElliotHaughin

    ErrorDocument 404 /index.php

Any idea what's stopping these rules from working? They work perfectly on their own, but not together! I've tried moving the Auth lines to the bottom, but no luck.

Thanks in advance,

htpasswd - Manage user files for basic authentication


[eluser]Mat Marlow[/eluser]
That doesn't answer my question. I already have a working htaccess file.
Is there something I'm missing???

because you need the full path!


Theme © iAndrew 2016 - Forum software by © MyBB