mod_rewrite in conjunction with “options indexes”

Question

I have a directory ("files") where sub-directories and files are going to be created and stored over time. The directories also need to deliver a directory listing, using "options indexes", but only if a user is authenticated, and authorized. I have that part built, and working, by doing the following:

<Directory /var/www/html/files>
  Options Indexes
  IndexOptions FancyIndexing SuppressHTMLPreamble
  HeaderName /includes/autoindex/auth.php
</Directory>

Now I need to take care of file delivery. To force authentication for files, I have built the following:

RewriteCond %{REQUEST_URI} -f
RewriteRule /files/(.*) /auth.php

I also tried:

RewriteCond %{REQUEST_URI} !-d
RewriteRule /files/(.*) /auth.php

Both directives are not redirecting to auth.php when I request:

foo.com/files/bar.pdf
foo.com/files/baz/bar.pdf

Ideas?

Answer 1

RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule ^/files/(.*) /auth.php?file=$1 [NC,L]

• Not sure if this is a problem, but I use REQUEST_FILENAME for this and not REQUEST_URI
• Make sure Rewrite is enabled with RewriteEngine on
• If you want the value of your capture (.*) to be passed to your script, you need to tell Apache how/where to pass the value by using a $1
• Add a ^ to the beginning of your rule to make sure you're matching /files/blah.txt and not, say, /foo/files/blah.txt .
• Add the [NC,L] to tell Apache to use case-insensitive matching and to stop processing rules on this match.