Password protect a subsite in a WordPress network with .htaccess

A wordpress network / multisite setup uses virtual directories.

When you have a wordpress network setup on www.yourdomain.com, you can have multiple blogs with only one WordPress installation, for example:

www.yourdomain.com
www.yourdomain.com/johndoe
www.yourdomain.com/janedoe

Suppose you want to password protect only one subsite e.g. ‘janedoe’, you can’t just create a ‘janedoe’ folder on your webserver with a particular .htaccess in it.

You need to create a secured environment for the virtual folder in your main .htaccess (where all other WordPress rules reside) using the following code:

SetEnvIfNoCase Request_URI "^/janedoe/" SECURED
AuthType Basic
AuthName "restricted area"
AuthUserFile /home/mydomain/.htpasswd
require valid-user
Satisfy any
Order allow,deny
Allow from all
Deny from env=SECURED