Hallo
in der Virtual-Host Configuration kann man die API und Admin routen vom .htAccess Schutz ausnehmen.
Hier ein Beispiel für nginx:
server {
…
location ~ .php$ {
fastcgi_split_path_info ^(.+.php)(/.+)$;
include fastcgi.conf;
fastcgi_param HTTP_PROXY “”;
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;
client_max_body_size 24M;
client_body_buffer_size 128k;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
http2_push_preload on;
set $auth “Restricted”;
if (request\_uri ~ /api/.\*){
set $auth “off”;
}
if (request\_uri ~ /admin.\*){
set $auth “off”;
}
if (request\_uri ~ /bundles/swagpaypal/.\*){
set $auth “off”;
}
auth_basic $auth;
auth_basic_user_file /etc/nginx/.htpasswd;
}