Good morning,
I have a very strange issue with the default .htaccess with WordPress.
I have a "stats" folder in the webroot which contain something else than WordPress. Usually, I can access it by doing www.example.com/stats/ on the web browser. But with one WordPress, www.example.com/stats/ is rewrited to the index.php of WordPress.
Please note that I use the defaut WordPress .htaccess which is:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
Usually, RewriteCond %{REQUEST_FILENAME} !-d
should help to skip rewriting as stats
is a directory. But stats
still rewrite to index.php
.
I already tried to add some other RewriteCond
(with REQUEST_FILENAME
and QUERY_STRING
) to try skipping manually stats
directory but it not works. Here are them (as requested on comments):
RewriteCond %{REQUEST_FILENAME} !^stats$
RewriteCond %{REQUEST_FILENAME} !^stats/$
RewriteCond %{REQUEST_FILENAME} !^/stats/$
RewriteCond %{QUERY_STRING} !stats
RewriteCond %{QUERY_STRING} !^stats/$
RewriteCond %{QUERY_STRING} !^/stats/$
RewriteCond %{QUERY_STRING} !stats(.*)
Both are not working.
As requested in comment also, I tried to rename stats
to another name. And it works with the name stats2
. But I still want to use stats
as folder name.
Note that it is not a caching issue.
Inside the folder stats
, there is a .htaccess:
AuthType Basic
AuthName "Members Only"
AuthUserFile /var/www/clients/client0/web1/web/stats/.htpasswd_stats
require valid-user
Note that the folder stats
is managed by ISPConfig.
Any idea to check? Thanks in advance.
Found the issue!!!
In general, Apache does the rewrite phase before the authorization phase, which is why your code performs the rewrite without ever asking for user to authenticate. https://stackoverflow.com/a/13295036/7664726
I had to add it to the .htaccess in the website root:
RewriteCond %{LA-U:REMOTE_USER} !^$
So my final .htaccess is this:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{LA-U:REMOTE_USER} !^$
RewriteRule . /index.php [L]
</IfModule>
Thanks to add peoples in comment section helping me solve this issue.
Instead of modifying the root .htaccess
file, it may be preferable to simply disable the rewrite engine in the /stats/.htaccess
file. Since mod_rewrite is not inherited (by default) this should prevent the WordPress front-controller in the root .htaccess
file being processed.
For example, in /stats/.htaccess
:
RewriteEngine Off
AuthType Basic
: etc.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.