Apache HTTP Server

How to allow some paths in htaccess not to use Basic Auth?

I have Apache 2.4 on my server.
A site is set up that is closed to the general public through a password request (Basic Auth).
Challenge: Do not require a password for certain paths.
After reading this article, my .htaccess looks like this:

Authtype Basic
AuthName "Test server"
AuthUserFile /xxxx/.htpasswd
<RequireAny>
    Require expr %{REQUEST_URI} =~ m#^/dir1/.*#
    Require expr %{REQUEST_URI} =~ m#^/dir2/.*#
    Require valid-user
</RequireAny>

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^(.*)$ index.php?_url=/$1 [QSA,L]
</IfModule>

The only problem is that the dir1 directory really exists in the file system and therefore the configuration works fine. However, the dir2 directory does not exist, and therefore this path is already redirected to the script as a parameter via ModRewrite, and routing occurs inside the script. And in this case, for some reason, the .htaccess configuration does not work and the password is requested for this path anyway.
How to solve this problem?