I am trying to figure out one point in my development server.
I have linux server and having basic auth on that server. I am trying to remove that auth for certain folders / files. How I can achieve this?
.htaccess code below:
AuthName "Password Protected Area"
AuthType Basic
AuthUserFile /var/.password
Require valid-user
There are various ways you can do this, based on Apache version, the specific folders / files you want to allow and how your system is managed.
For example, on Apache 2.4 you could place the basic auth directives in an <If> container and use a negated regex/string comparison on the URL:
<If "%{REQUEST_URI} !~ m#^/folder(/|$)# && %{REQUEST_URI} != '/foo/bar.thml'">
AuthName "Password Protected Area"
AuthType Basic
AuthUserFile /var/.password
Require valid-user
</If>
The above <If> expression is successful when the URL-path does not start with /folder/ (ie. allows all files within) AND is not equal to /foo/bar.html (so allows that specific file).