.htaccess-example

# Allow access to excluded diretories
SetEnvIf Request_URI ^(/wp-content/uploads/)  noauth=1
SetEnvIf Request_URI ^(/wp-cron.php)  noauth=1
<RequireAny>
  Require env noauth
  Require env REDIRECT_noauth
  Require valid-user
</RequireAny>


# BEGIN WordPress
# The directives (lines) between "BEGIN WordPress" and "END WordPress" are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress
### Generated by Dreamhost. DO NOT modify!!! ###
AuthType Basic
AuthUserFile /home/dh_tsbib6/wp.example.com/.htpasswd
AuthName "Members Area"
require valid-user
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https?://(?:www\.)?wp\.example\.com(?:$|/) [NC]
RewriteRule \.*$ - [F,NC]