.htaccess Basic Question

[robert1000]

Help. I'm an Apache/Linux novice, trying to use .htaccess to protect my site. I've successfully used .htaccess to require password login to my top-level page (/); what I want to do is allow anyone access to a particular directory /dir1 while still protecting /dir2 and /dir3.

I've created the most basic possible .htaccess file in my home directory:

AuthType Basic
AuthGroupFile /dev/null
AuthName "Enter Password"
AuthUserFile /.htpasswd
require valid-user
Options -Indexes

Now I want to put an .htaccess file in /dir1 that will override or "undo" the require valid-user instruction for that directory. Can someone tell me what syntax to use? I've tried a /dir1/.htaccess file that says "RewriteEngine Off" or "Satisfy Any" but it hasn't worked. I know that the file is being read properly in the hierarchy, since if I put "Options +Indexes" in the .htaccess for /dir1, it behaves as expected (i.e., overrides the -Indexes and lets you view the directory listing).

It seems as if there should be a simple instruction to do what I need(e.g., "not require valid-user"?) but I've looked through the Apache docs and can't seem to figure it out...

Thanks

[jledhead]

so you are wanting to password protect
/
/dir1
/dir2
/dir3

but then restrict /dir2 and /dir 3 to certain users, but still require a password before getting to /dir1

is that correct?

[robert1000]

Actually, I want to password protect every directory except /dir1. So the thought was to have the .htaccess at the / level but then override it for /dir1. (I want to do this because of the referer problem with Windows Media Player, which makes you reenter the password with most browsers and doesn't work at all with IE7; I'm not worried the fact that people would be able to access files in /dir1 directly.)