i've got two domains leading to the same filebase (shop) on a multi-store setup. let's say i've got those URLs:
www.first-shop.xyz
www.second-shop.xyz
now i need to password-protect second-shop.xyz without affecting the other one. is there a possibility to set conditional auth in htaccess?
There is no way to manage this in .htaccess-File.
But it can be done with PHP-HTTP-Auth .
So it is possible to check the $_SERVER['SERVER_NAME'] against the desired domain and then return header 401 if $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] not match the credentials.
If those two auth vars stay empty after filling out the prompt you will need a .htaccess rewrite rule:
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authori
zation}]
to get the auth vars in environment variables and assign them to the above vars like that:
list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':' , base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));