Excluding specific URLs from HTTP authentication

alimadzi

I manage a WordPress blog for somebody who wants it to be password-protected and invisible to search engines. Done and done. Very simple.

However, even the people who know the login/password for the site cannot subscribe to the RSS feed because feed readers can't reach the page. So I'm wondering if there's a way to exclude a specific URL (or batch of files) from HTTP authentication using Apache. I've done a little research on this, but haven't found an answer yet.

The holy grail in this case would be a title-only RSS feed that is publicly available with the rest of the blog still password-protected. I'll probably run the feed through FeedBurner too.

Thanks in advance for your help.

dougal85

Just a simple thought, are you password protecting with htaccess? Could you create the rss outside the protected folder? ie maybe a subdomain.

alimadzi

dougal85 wrote:
Just a simple thought, are you password protecting with htaccess? Could you create the rss outside the protected folder? ie maybe a subdomain.

Yes, I am using .htaccess. Creating the RSS on a different subdomain is something I played around with last night. Because of the way WordPress is put together, it's a nontrivial matter to move a feed to a different subdomain. Actually in my case, I was trying to use a simlink (ln -s). Since the feed URL is created with mod_rewrite and depends on a number of different PHP files, I couldn't come up with a way to make this happen.

dougal85

Probably not a good idea and I don't think I would recommend it normally but I'm guessing the blog doesn't have huge traffic. So could you include the RSS files in PHP with the local address? I guess this method isn't the most efficient if high traffic is a concern.

I've never worked with wordpress - so I may be waaaaay off.

...but doesn't the following work?

<?php

// I'm guessing the path to the rss...
include('home/username/public_html/wp-rss.php');

?>

Putting that in your sub domain and giving PHP the path on the server to the RSS as PHP will be allowed access. If you put in the URL then PHP would have the same access problems.

alimadzi

I can try that but I don't think it will work. I already tried simlinking 'wp-rss2.php' from another subdomain (on the same server of course) and that didn't work.