Hi guys,
Is it possible to allow access to API through htaccess file to make authentication on the site and get to work piwik plug in working in the same time?
I really like to restrict access to Matomo login to avoid ex brute force attacks. but with example of htaccess site from this post I’m not able to get up and running piwik wp plug in in the same time 
Any advise much apreciate
What is the API endpoint? If it runs against index.php just add to the index.php block:
<Else>
Require ip <ip of your server>
</Else>
Hi
Thanks for reply,
This not solve authentication issue with piwik wordpress plugin 
This is my actual htaccess:
<Files "*">
AuthType Basic
AuthName "Piwik"
to be explicit, state the provider
AuthBasicProvider file
AuthUserFile "/pathtomymatomo/.htpasswd"
Require valid-user
</Files>
# Allow external access to piwik.php, matomo.php, piwik.js, piwik.php and robots.txt
<FilesMatch "(^(piwik|matomo)\.(php|js)|robots\.txt)">
Require all granted
</FilesMatch>
# Allow Opt-Out
<Files "index.php">
<If "(%{QUERY_STRING} =~ /^module\=CoreAdminHome\&action\=optOut(?!.*module\=)(?!.*action\=)/)">
Require all granted
</If>
<Else>
Require ip my server ip
</Else>
</Files>
When I comment out all <Files “*”> section I can successful login to piwik through piwik wordpress plugin and auth token. But then don’t have auth on my piwik website.
When I turn on this this section then auth works perfectly but piwik wordpress plugin can connect with my token details.
Than try to add Require ip <ip of your server> below the Require valid-user.
Tried already without success.
Tried also <RequireAll> <RequireAny> but no success.
When auth is on in htaccess recommended matomo worpress plugin don’t work at all
Please check in your access log, what IP the calls use.