我有一个httpd服务器和WordPress网站。当用户访问我的域时,我一直将/.htaccess设置为authen。但是,我想直接访问没有authen的mydomain / wp-admin。这是我的文件.htaccess,但无效:
SetEnvIfNoCase Request_URI "^wp-admin\.php" noauth
AuthType Basic
AuthName "Please login"
AuthUserFile /etc/httpd/.htpasswd
Require valid-user
Order Deny,Allow
Deny from all
Allow from env=noauth
Satisfy any
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
答案 0 :(得分:0)
如果你想登录密码是,你可以,但你仍然需要用户名,因为你必须设置auth cookie才能进行身份验证。
将以下代码放入function.php文件
// jshint ignore: start现在,如果你去wp-admin,它只会询问你的用户名并让你登录。
答案 1 :(得分:0)
我已修复,但似乎不能完全符合我的目标。普通用户在访问mydomain /时必须输入凭证,然后admin用户可以直接访问mydomain / wp-admin。但是,在输入正确的WordPress用户/密码后,我们收到了mydomain的弹出认证。它是如何工作的?给我一些解决方案。
[ec2-user@ip-10-0-1-61 cms]$ sudo vi .htaccess
RewriteEngine On
# Do the regex check against the URI here, if match, set the "require_auth" var
SetEnvIf Request_URI ^/wp-admin|^/wp-login require_auth=true
# Auth stuff
AuthUserFile /etc/httpd/.htpasswd
AuthName "Password Protected!!!"
AuthType Basic
# Setup a deny/allow
Order Deny,Allow
# Deny from everyone
Deny from all
# except if either of these are satisfied
Satisfy any
# 1. a valid authenticated user
Require valid-user
# or 2. the "require_auth" var is NOT set
Allow from env=require_auth
RewriteCond %{REQUEST_URI} ^/wp-admin|^wp-login
RewriteCond %{REMOTE_ADDR} !=x.x.x.x
RewriteCond %{REMOTE_ADDR} !=x.x.x.x
RewriteCond %{REMOTE_ADDR} !=x.x.x.x
RewriteRule ^(.*)$ - [R=403,L]