I've got a directory ("files") where sub-sites and files will be produced and saved with time. The sites should also deliver a directory listing, using "options indexes", but only when a person is authenticated, and approved. I've that part built, and dealing, by doing the next:

<Directory /var/www/html/files>
  Options Indexes
  IndexOptions FancyIndexing SuppressHTMLPreamble
  HeaderName /includes/autoindex/auth.php
</Directory>

Now I have to take proper care of file delivery. To pressure authentication for files, I've built the next:

RewriteCond %{REQUEST_URI} -f
RewriteRule /files/(.*) /auth.php

I additionally attempted:

RewriteCond %{REQUEST_URI} !-d
RewriteRule /files/(.*) /auth.php

Both directives aren't redirecting to auth.php after i request:

foo.com/files/bar.pdf
foo.com/files/baz/bar.pdf

Ideas?

RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule ^/files/(.*) /auth.php?file=$1 [NC,L]
  • Unsure if this sounds like an issue, however i use REQUEST_FILENAME with this and never REQUEST_URI
  • Make certain Rewrite is enabled with RewriteEngine on
  • If you would like the need for your capture (.*) to become passed for your script, you have to tell Apache how/where you can pass the worthiness using a $1
  • Give a ^ to the start of your rule to make certain you are matching /files/blah.txt and never, say, /foo/files/blah.txt.
  • Add the [NC,L] to inform Apache to make use of situation-insensitive matching and also to stop processing rules about this match.