So I have a development site setup running Drupal. I've locked the site down with basic HTTPAuth + htpasswd to keep out baddies.
The problem is that a single node, a webform, needs to be accessible on this dev site from the live site.
My question is: because of Drupal's convoluted bootstrapping process how would I go about allowing access to only this single file/URL?
My vhost config for htpasswd:
<Directory />
AuthUserFile /var/www/.htpasswd
AuthName "my radbad dev site"
AuthType Basic
Require valid-user
</Directory>
I've tried something like the following without success:
<Location "/node/1334">
Allow from all
Satisfy any
</Location>
You can't do it like that, because the webform isn't a file, it's dynamically generated from info you gave Drupal (which it put in the DB). All Drupal URIs (apart from your uploaded files) are index.php sending you to the right place. There's no way to tell httpauth that sometimes index.php may be accessed freely and sometimes it requires auth.
There are several options for controlling access via a Drupal module, or (if your live site is Drupal) you could just give it the same webform, but no amount of tweaking around with httpauth will solve your problem.