#for Apache 2.4 
SetEnvIf Request_URI ^/tracking/logs auth=1
SetEnvIf Request_URI ^/anotherdir/logs auth=1

AuthName "Please login"
AuthType Basic
AuthUserFile "/srv/http/.htpwd"

# first, allow everybody
Order Allow,Deny
Satisfy any
Allow from all
Require valid-user
# then, deny only if required
Deny from env=auth
#END - for Apache 2.4 


#WORKS with apache < 2.4
# Basic authentication for site excluding specific url patterns
# Do the regex check against the URI here, if match, set the "allow" var

SetEnvIf Request_URI ^/api allow
SetEnvIf Request_URI ^/uploads allow

AuthType Basic
AuthName "restricted area"
AuthUserFile /home/.htpasswd #chage to your .htpasswd file ABSOLUTE path

# Setup a deny/allow
Order Deny,Allow
# Deny from everyone
Deny from all
# except if either of these are satisfied
Satisfy any
# 1. a valid authenticated user
Require valid-user
# or 2. the "allow" var is set
Allow from env=allow