Issue with the .htaccess catch-all rule and password protected directory

curlypinky

I have a folder called "admin" that is password protected using cpanel's .htaccess rules.
When attempting to access this folder zenphoto takes over and sends to an object not found:

"The Zenphoto object you are requesting cannot be found.
Album: admin"

This seems to affect any folder with htaccess password protection. I have isolated the problem to ZenPhoto's htaccess catch-all rule:
`

# Catch-all - everything else gets handled in PHP for compatibility.

RewriteRule ^(.*)/?$ index.php?album=$1 [L,QSA]

`
If I disable that rule then I can access the "admin" folder just fine.

It seems that this is an issue with .htaccess password protected directories. The solution I found that worked was to add the following to the htaccess:

ErrorDocument 401 /myerror.html
ErrorDocument 403 /myerror.html

And create a static page for myerror.html
After doing this I am getting the expected password challenge. Thought I would share this info for others and also see if there is a better way if anyone has had to deal with this.

sbillard

I presume that this is caused by the way that the .htaccess password protection works. Presumably it does not let the rewrite rules know that the folder is a folder, so the rules that detect real folders fail and the url is presumed to be a request for an album.

Your workaround or something like it that detects these folders and handles them ahead of any zenphoto rules processing is the proper solution.