I'm using Expression Engine 2 Freelance worker editon that does not come with an authentication module.

I'm attempting to password safeguard a template group which has a virtual directory world wide web.domain.com/template

Things I am attempting to do is make use of the htaccess within the root to pressure individuals to enter a account information once they try to visit the to "template" section and also the two files under it.

The way in which Expression Engine works the templates are routed to and never physical sites.

My real question is how do i password safeguard this url, I attempted using LocationMatch however it did not work?

Thanks

You cannot effectively safeguard a mod_rewritten URL (whether it's possible whatsoever). An assailant would have to access the location the protected URL will get rewritten to - which you'd be departing unguaranteed within this scenario.

You still need to do this on PHP side, I believe. If your PHP is running being an Apache module, it ought to be easy to check if the asked for resource goes towards the protected directory (through either QUERY_STRING as well as other indicator), after which send the correct headers asking for authentication as referred to here within the PHP manual.

Which approach to getting rid of index.php in the URL are you currently using?

If you are while using "File and Directory Check" Method, you are able to customize the stock Apache mod_rewrite rule to exclude a particular directory while still permitting other demands to become run through index.php.

For instance, while using base "File and Directory Check" rewrite rule:

<IfModule mod_rewrite.c>
    RewriteEngine On 
    RewriteCond $1 !\.(gif|jpe?g|png)$ [NC]
    RewriteCond %{REQUEST_FILENAME} !-f 
    RewriteCond %{REQUEST_FILENAME} !-d 
    RewriteRule ^(.*)$ /index.php/$1 [L] 
</IfModule>

With this particular method, Apache inspections to ascertain if the file or directory is available -- whether it does the file is offered towards the browser whether it does not exist then it is sent through index.php and parsed being an ExpressionEngine URI.

To exclude your directory, customize the rewrite rule with the addition of your .htaccess Fundamental Authenticated password-protected directory:

<IfModule mod_rewrite.c>
    RewriteEngine On 
    RewriteCond %{REQUEST_URI} !^/(secret-directory|secret-directory/.*)$
    RewriteCond $1 !\.(gif|jpe?g|png)$ [NC]
    RewriteCond %{REQUEST_FILENAME} !-f 
    RewriteCond %{REQUEST_FILENAME} !-d 
    RewriteRule ^(.*)$ /index.php/$1 [L] 
</IfModule>

I am not fully conscious of what all of the restrictions are using the Freelance worker License, however i answered a similar question about password-protecting pages in ExpressionEnginethat could prove useful inside your situation.