[wp-hackers] HTTP Auth/URL Rewriting

Evan Broder wp at ebroder.net
Mon Feb 13 19:07:50 GMT 2006


Alex King wrote:
> PHP as a CGI (in the default configuration) is a problem for 401 auth 
> with PHP. The 401 auth information doesn't get passed to the PHP 
> runtime. There are work-arounds for this, I believe the TextDrive guys 
> have something cooked up for it, but they are server configuration 
> solutions (not something WP can implement).
>
> Cheers,
> --Alex
>
> Personal             Business               FeedLounge
> http://alexking.org  http://kingdesign.net  http://feedlounge.com
The issue isn't in WP itself. The problem is that WP is intercepting any 
other directory that's supposed to be protected.

That is, if I protect a directory that's within the WP root with 
.htaccess basic authentication and all that good stuff, requesting it 
returns a WP 404 error.

I have discovered that if I send the appropriate authentication headers 
with the request (i.e. a username/pass), WP doesn't intercept that. 
Since I leave my browser open all the time, I just disabled the WP 
mod_rewrite commands for a second, logged in to the directory, and 
turned the mod_rewrite stuff back on.

But that's really a crummy solution.

- Evan


More information about the wp-hackers mailing list