Directory privacy working halfway


I’ve added to my website a protection with all the users granted access to it. There are some parts of the site that are specific to a certain user’s utilization, but it doesn’t ask me the password after the first login.

Let’s say that my main directory is this: steht zum Verkauf - Sedo GmbH
The part where I need the second protection to be functioning is: steht zum Verkauf - Sedo GmbH

If you already logged in before, you don’t need to log in again because the authentication cookie is still saved in your browser.
If you want to test if the authentication is still working, delete your browser’s cookies or open the website using an anonymous tab.

And that is how it worked before. But now if I login when I open the site and try to access to another user’s page it lets me in.

I’m not sure I understood the problem. But if you want to give access to a user in the main folder and disallow access to the same user in a sub-folder, you will need two different rules.

.htaccess rules are inherited by the sub-folders of the folder where the .htaccess resides.
If you want to disallow in a sub-folder, the user you allowed in the main folder, you need an .htaccess in the sub-folder with a rule to disallow access to that user.

1 Like

I’m not sure if what you’re trying to do is possible with Directory Privacy. I believe that with Directory Privacy you either have access to a particular directory or your don’t. And if you have access to a directory, then you have access to all files and subdirectories too.

I think you’ll need to implement something yourself in PHP if you need more sophisticated authentication capabilities.

Or just don’t put the things for which you need a second set of credentials in a subdirectory.


This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.