Basic HTTP Authentication & PHP-FastCGI

mike mike503 at
Wed Jul 23 14:19:35 MSD 2008

On 7/23/08, Phillip B Oldham <phill at> wrote:

> I thought nginx would have to pass the user/pass through to PHP via the
> fastcgi params?

Yeah the idea would be you put in a user/pass check at the top of each
script (when you initialize the user) to check for valid credentials.
It's not the cleanest but it would probably work.

For PHP to get it from the webserver like it can with Apache then yes,
 nginx needs to be able to pass the information that was successful
from the auth_basic/auth module(s) to a variable that can be grabbed
from within PHP (I'd expect $_SERVER['HTTP_AUTH_USER'] or something
like that) - not sure if the password can be given (or is needed) or
depends if it's plaintext vs. digest, etc...

More information about the nginx mailing list