Unprotect a subdir of a htaccess password-protected directory

It’s a problem so simple that no one took care of writing it down somewhere. Or maybe someone did it but his page it’s not easily findable. In a project of ours we needed had a directory /files that was .htaccess password protected. We needed to have a directory inside of it, /files/images, that needed to be freely accessible to any user (why not making it /images, I hear you ask: well, Drupal’s image.module currently assumes the image directory will be a subdir of /files). No <Directory> tricks are available in .htaccess files, so I needed to find a different solution, leaving module patching as the last option. A meticolous search of various .htaccess support forums/sites/pages helped me finding the solution. I just needed to put inside /files/images a .htaccess file containing this simple command: Satisfy any That’s it for today and enjoy your sunday!