Secure web directory with exclude

Last time I needed to secure on of my websites. I set password, used htaccess and ...I got error on my main page. The reason was simple - main page invoked to file in my secure directory. I needed to exclude this file from my secure directory. Below is solution.

# password protection allowing multiple resources AuthType Basic AuthName "Restricted Area" AuthUserFile /home/path/.htpasswd AuthGroupFile /dev/null Require valid-user # allow public access to the following resources SetEnvIf Request_URI "(path/to/directory_01/)$" allow SetEnvIf Request_URI "(path/to/directory_02/)$" allow SetEnvIf Request_URI "(path/to/file\.php)$" allow SetEnvIf Request_URI "(path/to/file\.html)$" allow SetEnvIf Request_URI "(path/to/another/resource/)$" allow SetEnvIf Request_URI "(path/to/yet/another/resource/)$" allow Order allow,deny Allow from env=allow Satisfy any

Of course you can also use "Allow from " to limiting access to secure directory.