Going public, keeping private–with .htaccess

Ever since I went public with the garden blog residing in a subfolder of this server account, I’ve been dogged with issues trying to keep the main domain private and the subdomain public.

The solution finally manifested itself after I lost access to both domains after an IP change. Because the main domain only responded to specific IP requests via the .htaccess file, I had to make some changes. An .htaccess file in the subdomain directory with the appropriate lines finally resolved the issue.

For the main domain, I limited access to my IP address with the following:

# ALLOW ONLY SPECIFIC IPs
<Limit GET POST PUT>
 Order Deny,Allow
 Deny from all
 Allow from xxx.xxx.xxx.xxx
</Limit>

I also had to permit public access to certain file-types, i.e. picture files, since my subdomain used the same WordPress content directory as the main domain:

# Allow only certain file types
<FilesMatch ".(ico|pdf|flv|jpg|jpeg|mp3|mpg|mp4|mov|wav|wmv|png|gif|swf|css|js)$">
Allow from All
</FilesMatch>

For the subdomain, I permitted the public GET, POST and PUT permissions:

# allow public access
<Limit GET POST PUT>
order allow,deny
allow from all 
</Limit>

With the above, I retained privacy of my main domain, but gave public access to the subdomain served from a subfolder of the main WordPress site.