So I'm attempting to write protect asset folders but allow a path to feeds that traverses the same path but are not 'real' directories. If you're wondering this is for WordPress.
I attempted to do this in the .htaccess:
AuthName "Restricted Area"
# We are not allow group access so this is set to null
# allow public access to the following resources
# allow access to the feeds folder
SetEnvIf Request_URI "(path/to/feeds/)$" allow
# allow access before we consider if access should be denied
# allow access for any allowed variable you've specified
Allow from env=allow
# allow open access to entire site for select ips and sites
Allow from 18.104.22.168
Allow from example.tld
# apply all matching directives.
Now the /path/ folder is protected by the basic authentication. The feeds are of the form http://mydomain.com/path/to/feeds. Again 'feeds' is not a real directory. It could also be http:/mydomain.com/path/to/feeds/atoms/other/depths/of/virtual/folders/.
First is this even possible? If so what can I do to protect the /path/ folder that has images and videos inside that are protected but allow the path to feeds without hitting the authentication?
I hope this made sense?