Amazon Cloudfront and .htaccess

Question

I'm testing out Amazon Cloudfront in our dev environment, which is protected by .htaccess/.htpasswd. The password protection on the dev server is causing all of the cloudfront.net assets to be password protected as well. And no username/password combination works.

What I need to do is allow cloudfront to access the dev server by poking some holes in the .htaccess protection.

I can get a list of IP addresses here but since they are subject to change, I was wondering if anyone knew of a better way.

I cannot remove the password protection unfortunately.

Melissa Avery-Weir Melissa Avery-Weir · Accepted Answer · 2014-12-16T19:12:57

Here's what I've been using:

SetEnvIf User-Agent ^Amazon Cloudfront$ cdn
SetEnvIf Host ^static.dev.website.com$ cdn # This could also be a cloudfront.net host

AuthType Basic
AuthName "Dev Site"
AuthUserFile /directory/location/.htpasswd
Require valid-user

Order Deny,Allow
Deny from all
Allow from env=cdn
Satisfy Any

Essentially, you need you exclude CloudFront-related requests, which the first two lines handle, in conjunction with the Allow from env=cdn line.

Amazon Cloudfront and .htaccess

1 Answers