Password Protection for Virtual Location and Overwriting Rules

I have for my php application a virtual location "/backend/" which I like to have password protected. I also using "rewrite" rules at the root context so the requests get routed to my "/index.php". I noticed when I have a root context "/" with rewrite rules the "Realm" protected context "/backend/" get ignored, regardless which order I have specified in in my virtual host. means no password dialog is poping up.

  • I also tried to have only one static context for "/backend/" but when I tried to activate "Rewriting Rules" then the password protection is not working, means no password dialog is poping up.
  • I also tried with a "Litespeed SAPI" context with "/backend/" but here I am not able to apply any rewriting rules
So how do I add a password protection for a virtual location with rewriting rules on open litespeed?

  1. context "Static" with URI "/" and rewriting rules
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php

  1. context "Static" with URI "/backend/" with "realm" and inherited rewriting rules
  • realm get ignored
  • it works if the directory "backend" on the file system exists, but then my rewriting will not work because it finds the directory
  1. context "LiteSpeed SAPI" with "/backend/" and "realm" but is not asking for the password.
I tried to switch the contexts in other order, but the effect is still the same. And yes I have restarted litespeed after the changes.


What if you remove the '/' static context, and add the rewrite rules to the .htaccess file? So the request to /backend/ will not be hit.
Thank you for the suggestion, but it does not work. Means the rewrite rules get processed but the "Realm" ignored. I also tried to create a "backend" directory on the filesystem with an own ".htaccess" file (/backend/.htaccess). Same behavior the rewrite get processed but the "Realm" ignored. Any other suggestions?


I just tested it on my site, add the following rules to the document root's .htaccess file works for me.

RewriteCond %{REQUEST_URI} ^/backend $
RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1/ [R=301,L]