Apache question: I have a wordpress website. I want to protect with password the wp login screen. I don't wanty to allow local .htaccess. In the virtual host i'm using:
<LocationMatch "(/wp-admin/|/wp-login.php)">
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /etc/apache2/.htpasswd
Require valid-user
</LocationMatch>
which works, but i still able to access the login screen via the page id of wordpress: https://my.domain.com/?page_id=54
and could find the right syntax for the LocationMatch directive.
It works with <LocationMatch ".*"> of course but nothing else works, not with even <LocationMatch ".*54$">
Any help will be appreciated.
Just add another LocationMatch directive (Apache 2.4):
<LocationMatch ".*"> <If "%{QUERY_STRING} =~ /page_id=54/"> AuthType Basic AuthName "Restricted Content" AuthUserFile /etc/apache2/.htpasswd Require valid-user </If> </LocationMatch>[ https://serverfault.com/questions/848320/can-locationmatch-regex-match-query-string-portion ]