Protecting staging sites with Basic Authentication

This approach was primarily devised for use with WP Engine staging sites, but will work in any situation where you have no access to Apache’s config and need to use a single .htaccess file for multiple domains (e.g. a multisite setup).

We’ve recently had a couple of projects hosted on WPEngine where we need to have a staging site protected by Basic Authentication so only authorised users can access it. Normally I would configure Basic Authentication in the Apache VirtualHost, but on WP Engine (for example) they handle all the server configuration for us, meaning we don’t have access to the Apache configuration. WPEngine also provide a Git push to deploy facility, which we tend to take advantage of because Version Control Rools, OK? Because all the web files are within Git version control, we are using the same .htaccess file for the developer, staging and live sites. (We could Git ignore the .htacess file, but I prefer to version control more, rather than less.)

Continue reading Protecting staging sites with Basic Authentication