Password-Protected Directories w/ WordPress Installs

Hi all,

I currently have a dev site where I host websites in development. I sometimes direct clients to the dev server to see the current status of their website. The problem is that the whole directory is password-protected with a single username and password - clients who are given that username and password could potentially see anyone else's website, if they typed in the URL. Not a massive problem admittedly, but still one I want to solve.

Of course it would be very easy to simply add a unique password to each directory when its added, but I'm interested in going one step beyond and launching a full CodeIgniter-based Dev Server interface (instead of .htaccess logins, which are ugly and boring). Upon navigating to the base url for the dev server, clients would be shown a legitimate login screen and, upon logging in, would be automatically redirected to the website associated with their logins.

Now, I know how to do all of that, that part is no big deal. But what I DON'T know how to do is install a WordPress site (many of my clients need WordPress builds) in a sub-directory of a CodeIgniter install, have that ENTIRE directory be password-protected by CodeIgniter (not just index.php, but all sub-directories and etc.), but NOT have CodeIgniter interfere with the WordPress installation. Is that even possible?

Just to reiterate, in case the above is a little ramble-y: dev.mysite.com would be controlled via CodeIgniter. dev.mysite.com/website would contain a WordPress site. dev.mysite.com/website and ALL subdirectories would be password-protected by CodeIgniter, and if someone tried to access ANY of them without first being logged in to the CodeIgniter installation, they would be redirected to dev.mysite.com to log in.

Is that actually possible? And if so, is it possible to do it on a semi-automated basis? Ideally, this will also include an administrative interface that allows me to create new site directories and upload directly to them, so ideally if I need to make changes to the .htaccess, it's the kind of changes that can be automated at least to some degree.

Thanks in advance for any answers or assistance!

Hi,

It is an interesting question.

I do not think you can put wordpress 'within' CI.

But, you could easily add a redirect into your wordpress header (or wherever) that perhaps could be called if some condition is not met.

<?php
if (....) {
wp_redirect( $location, $status );
exit;
}
?>

Perhaps an ajax call to the CI folder to check if the users cookie is logged in or not? That might work.

Hope that helps,

Paul.

Yes. You will need to use mod_rewrite inside an .htaccess file. Rename your CodeIgniter index.php file to ci_index.php, then use mod_rewrite to create rewrite rules that get routed to ci_index.php if they are routes that should be for CI. Anything else goes to WordPress.

I've done this successfully a number of times. For example:

Code:

# URLs routed to CodeIgniter
RewriteRule ^accounts$ /ci_index.php [L]
RewriteRule ^administration/.*$ /ci_index.php [L]

# No need to allow access to the following files
RewriteRule ^(wp-admin/install.php|xmlrpc.php|wp-trackback.php|wp-mail.php|wp-signup.php|wp-links-opml.php|wp-settings.php|wp-config.php|wp-load.php|wp-cron.php|wp-blog-header.php|wp-activate.php) - [F,L]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php/$0 [PT,L]

In this example, index.php is WordPress' index.php.

This is actually really handy, because WordPress is lame when it comes to creating custom forms and ecommerce sites.

Expert Website Development - Temecula, CA
Community Auth For CodeIgniter 3

Hey - thanks for the suggestions! I'll try both of those out and probably post back here if one works