获得“需要身份验证"当请求/而不是/index.php [英] getting "authentication required" when requesting / instead of /index.php

问题描述

在我的服务器上，我有以下 .htaccess 文件:

On my server I have the following .htaccess file:

DirectoryIndex index.php

AuthType Basic
AuthName "Password Required"
AuthUserFile /var/www/webinterface/.htpasswd
Options +FollowSymLinks
Require valid-user

<Files index.php>
    Satisfy any
    Allow from *
</Files>

如果我请求 URLIP-ADDRESS/index.php"，一切正常，我会在没有身份验证提示的情况下显示 index.php.但是，一旦我请求IP-ADDRESS/"，浏览器就会询问我的凭据.

If I request the URL "IP-ADDRESS/index.php", everything works fine, I get the index.php displayed without an authentication prompt. However as soon as I request "IP-ADDRESS/" the browser asks me for my credentials.

为什么会这样?我错过了什么?

Why is this the case? What am I missing?

推荐答案

尝试替换块以使用 mod_setenvif 来检查请求 URI，而不是使用 .mod_auth* 模块优先于 mod_dir，因此从 / 到 /index.php 的映射直到 auth 发生后才会发生.Mod_setenvif 将在身份验证之前发生.试试:

Try replacing the block to use mod_setenvif to check the request URI instead of using <Files>. The mod_auth* modules has precedence over mod_dir so the mapping from / to /index.php doesn't happen until after the auth takes place. Mod_setenvif will occur before the auth. Try:

SetEnvIf Request_URI "^/$" allow=yes
SetEnvIf Request_URI "^/index.php$" allow=yes

AuthType Basic
AuthName "Password Required"
AuthUserFile /var/www/webinterface/.htpasswd
Options +FollowSymLinks
Order Deny,Allow
Satisfy any
Deny from All
Require valid-user
Allow from env=allow

如果请求的 URI 正好是 / 或 /index.php，则设置变量 allow.如果设置了变量 allow，Auth 行后面的内容表示拒绝除有效用户或之外的所有内容.

If the requested URI is exactly / or /index.php, the variable allow gets set. The stuff after the Auth lines say to deny everything except a valid user or if the variable allow has been set.

这篇关于获得“需要身份验证"当请求/而不是/index.php的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！