Require valid-user on Apache only for some request types

Posted on 2017-03-29 in Trucs et astuces

You can use the Limit directive like this:

AuthType basic
AuthName "Restricted area"
AuthUserFile /var/www/passwd
Require valid-user
# Only GET and OPTIONS request are allowed without authentication.
<Limit GET OPTIONS>
    Require all granted
</Limit>