I have amember installed at mydomain.com/amember and I want to protect member.mydomain.com. What's the best way to go about protecting my subdomain?
Yea, I was able to add a new record under Protect Content -> Folders and set /var/www/subdomain/pages/ as the path and http://member.localhost as the URL. When I click on the "link" after creating this record, it takes me to my homepage, http://localhost. The protection does appear to work because the first time I click on member.localhost I get redirect to amember login, but after I login I get sent to localhost, and each time I click on member.localhost (after logged in) takes me to localhost. I don't know if it makes a difference, but my Redirect after login is Fixed Url: http://member.localhost.
Also, here's the .htaccess rewrite rule that was created. Code: # if cookie is set and file exists, stop rewriting and show page RewriteCond %{HTTP_COOKIE} amember_nr=([a-zA-Z0-9]+) RewriteCond /home/nick/Projects/websites/mysite/www/amember/data/new-rewrite/%1-3 -f RewriteRule ^(.*)$ - [S=3] # if cookie is set but folder file does not exists, user has no access to given folder RewriteCond %{HTTP_COOKIE} amember_nr=([a-zA-Z0-9]+) RewriteCond /home/nick/Projects/websites/mysite/www/amember/data/new-rewrite/%1-3 !-f RewriteRule ^(.*)$ http://localhost/amember/no-access/folder/id/3?url=%{REQUEST_URI}?%{QUERY_STRING} [L,R] ## if user is not authorized, redirect to login page # BrowserMatch "MSIE" force-no-vary RewriteCond %{QUERY_STRING} (.+) RewriteRule ^(.*)$ http://localhost/amember/protect/new-rewrite?f=3&url=%{REQUEST_URI}?%{QUERY_STRING} [L,R] RewriteRule ^(.*)$ http://localhost/amember/protect/new-rewrite?f=3&url=%{REQUEST_URI} [L,R] Here's the login URL I get when I click on my protected url and not logged in to amember: Code: http://localhost/amember/protect/new-rewrite?f=3&url=/
Here's the stored cookie being accessed: amember_nr Code: Name: amember_nr Content: cd7accf74a16fe574f46ca1b5a871953 Domain: localhost Path: / Send For: Any kind of connection Accessible to Script: No (HttpOnly) Created: Thursday, September 20, 2012 8:21:59 PM Expires: When I close my browser It looks like amember is ignoring my Redirect after login Fixed Url, set to http://member.localhost. Why is this?
I think I have this working. Interestingly enough, I'm not sure what I did to get it to work. I did move my website to mydomain.com locally instead of using localhost. Here is how I have my setup and got it working: Server file locations: Code: /var/www/ --> webroot /var/www/amember/ ---> amember insttall dir /var/www/wordpress/ ---> workdpress install /var/www/index.php ---> (see Note1 below) /var/www/yii-framework-app/ ---> members.mydomain.com subdomain Note1: the /var/www/index.php file is needed to tell a visitor where wp is installed. Code: /** content of /var/www/index.php **/ define('WP_USE_THEMES', true); /** Loads the WordPress Environment and Template */ require('./wordpress/wp-blog-header.php'); This is what my /etc/hosts file looks like: Code: 127.0.0.1 localhost 127.0.0.1 mydomain.com 127.0.0.1 www.mydomain.com 127.0.0.1 member.mydomain.com Then in my apache config I have: Code: <VirtualHost *> ServerName www.mydomain.com DocumentRoot /var/www/ <Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny allow from all </Directory> </VirtualHost> ## For my subdomain <VirtualHost *> ServerName member.mydomain.com DocumentRoot /var/www/yii-framework-app/ </VirtualHost>