Apache authentication : allow public access to a subdirectory

Solution 1:

Shouldn't be a problem with .htaccess, depending on what the host has allowed.

You could try putting a .htaccess in the sub-folder with the following, although overrides will have to be enabled for the directories it's in.

 Allow From All
 Satisfy Any

Solution 2:

OK, for a path server.com/private/public:

server.com/private/.htaccess

AuthType Basic
AuthName "Private, keep out."
Require...

server.com/private/public/.htaccess

Allow From All
Satisfy Any

The key here is 'Satisfy Any' which ORs the requirements from upstream together. 'Satisfy All' is the default.