Bug #1853
closed
Added by Matt Gold over 12 years ago.
Updated over 12 years ago.
Category name:
WordPress (misc)
Description
Hi Boone,
I think I just viewed cdev without logging in; opened a chrome incognito browser window to confirm, and found the same thing.
- Assignee changed from Boone Gorges to local admin
I believe that cdev used to be locked at the global Apache level, but André probably lifted that restriction so that we could figure out some of the JITP stuff a few weeks back.
For the time being, I have reenabled the .htpasswd restriction in .htaccess. But this is problematic in the long run, because we keep .htaccess under version control, and I don't want to extend that authorization requirement to all instances of the Commons. André, for that reason, could I ask you to move the auth block (the first four lines of /var/www/html/.htaccess on cdev) to our vhost definition, so that I can revert .htaccess to the repo version? Thanks.
Boone, would it be acceptable for you to use the technique we worked on before where only a single subdomain (cdev.gc.cuny.edu in this case) would be protected? In this case it could still have the snippet in repo control and not affect the production site.
AuthType Basic
AuthName "Restricted Access"
AuthUserFile /var/www/.htpasswd
Require valid-user
SetEnvIf Host ^cdev2\.gc\.cuny\.edu challenge_me
SetEnvIf Remote_Addr 127\.0\.0\.1 internal_request
satisfy any
Order Allow,Deny
Allow from all
Allow from internal_request
Deny from env=challenge_me
- Status changed from Assigned to Reporter Feedback
- Status changed from Reporter Feedback to Assigned
Sure, that sounds fine to me, André. I'd do it myself, but vim is telling me you've got the file open :)
Sorry, it's all yours now : )
- Status changed from Assigned to Resolved
- Target version changed from 1.3.13 to Not tracked
Boone Gorges wrote:
Thanks, André.
You're welcome. Thanks for running with it.
Thanks so much to you both!
Also available in: Atom
PDF