My Drupal is in "d", and I use mod rewrite to make that appear as if it were the web root. There is a cool feature here that allows direct access to existing pages through, so legacy material still is displayed as usual. WHen people ask for things that don't exist, they are diverted to Drupal's "page does not exist" error page.
Here's htaccess:
Options +FollowSymLinks
RewriteEngine on
RewriteCond %{REQUEST_URI} "/ps110/" [OR]
RewriteCond %{REQUEST_URI} "/Readings/"
RewriteRule (.*) $1 [L]
# Redirect all user to without WWW
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [L,R=301]
# Serve Drupal 7 from sub directory in web root
RewriteRule ^$ d/index.php [L]
RewriteCond %{DOCUMENT_ROOT}/d%{REQUEST_URI} -f
RewriteRule .* d/$0 [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* d/index.php?q=$0 [QSA]
## see http://kahthong.com/node/74
# SET INDEX OPTIONS
IndexOptions IgnoreCase FancyIndexing FoldersFirst NameWidth=* DescriptionWidth=* SuppressHTMLPreamble
However, after this, none of the folders in which I have htaccess password protection will display. Apparently, apache and drupal don't understand each other here. A request for a password is seen as page does not exist.
Following advice here,
http://drupal.org/node/52465#comment-106353
I checked Drupal's report page and found the failures had this report
Type page not found
Date Tuesday, August 9, 2011 - 11:52
User pauljohn32
Location http://pj.freefaculty.org/Readings
Referrer
Message failed_auth.html
Severity warning
Hostname 129.237.46.151
Operations
So to "fix" the problem, I created a file called "failed_auth.html" in the web root. After that, correctly typed URLs that lead to passwork checks are allowed.
Frustrating use of a morning.
I truly regret the decision to use Drupal at all and am a little disappointed at my friends who said I ought to use it.