I've got several sites: example.com, example1.com, and example2.com in my wordpress. All of them point to my server's /public_html folder, which is my Apache root folder. What do I need to add to my .htaccess file to use http authentication only if the user is coming from example2.com/public_html?
example.com/public_html and example1.com/public_html should NOT use authentication.
The .htaccess file modifies apache settings based on the file system location, where you want to change settings based on the virtual host context.
So instead of setting up authentication in the .htaccess file, modify the Apache configuration file and add authentication settings to the correct virtual host entry:
<VirtualHost *:80>
ServerName www.example.com
ServerAlias example.com
<Directory /some/path/public_html>
AuthUserFile /some/path/public_html/.htpasswd
AuthGroupFile /dev/null
AuthName "authenticated Users Only"
AuthType Basic
Require valid-user
</Directory>
</VirtualHost>
Instead of using a <Directory /some/path/public_html> directive this could also be good use-case for <Location /public_html> directive within the virtual host context.
On a side note the strong recommendation from the Apache project with regards to .htaccess files:
You should avoid using
.htaccessfiles completely if you have access to httpd main server config file. Using.htaccessfiles slows down your Apache http server. Any directive that you can include in a.htaccessfile is better set in a Directory block, as it will have the same effect with better performance.
