basic-authentication and php?

Igor Sysoev is at rambler-co.ru
Fri May 22 21:42:41 MSD 2009


On Fri, May 22, 2009 at 01:31:13PM -0400, Jim Ohlstein wrote:

> 
> 
> Ian Hobson wrote:
> >Jim Ohlstein wrote:
> >>
> >>
> >>Ian Hobson wrote:
> >>>Hi all,
> >>>I'm trying to set up basic authentication to protect an area of the 
> >>>website served by php.
> >>>
> >>>The critical bits of my server directive are.
> >>>
> >>>server (
> >>>  listen 80;
> >>>  server_name  site.com  www.site.com;
> >>>  root /var/www/site.com/htdocs;
> >>>  index  index.php index.html index.htm;
> >>>  access_log  /var/www/site.com/access.log;
> >>> 
> >>>  location ~ \.php {
> >>>     include /etc/nginx/fastcgi_params;
> >>>     fastcgi_pass 127.0.0.1:9000;
> >>>  }
> >>>
> >>>  location ^~ /usage/ {
> >>>     auth_basic "Hello, Please login";
> >>>     auth_basic_user_file /var/www/site.com/passwords;
> >>>  }
> >>>
> >>>  location ^~ /ppg/ {
> >>>     auth_basic "Hello, Please login";
> >>>     auth_basic_user_file /var/www/site.com/passwords;
> >>>  }
> >>I would try
> >>
> >>location ^~ /ppg/ {
> >>    auth_basic "Hello, Please login";
> >>    auth_basic_user_file /var/www/site.com/passwords;
> >>    include /etc/nginx/fastcgi_params;
> >>    fastcgi_pass 127.0.0.1:9000;
> >> }
> >>
> >Hi Jim,
> >
> >I tried that, and got no style sheet, so I presumed that static files 
> >were not being served. However, you are right. It works.
> >
> >However, the error long in FireFox is telling me....
> >
> >Error: The stylesheet http://www.site.com/ppg/css/style.css was not 
> >loaded because its MIME type, "text/html", is not "text/css".
> >Source File: http://www.site.com/ppg/
> >Line: 0
> >
> >I've checked /etc/nginx/mine-types, and it claims type text/css  for 
> >css files, and the default-type is application/octet-stream.
> >
> >So now I'm really confused.
> >
> >Ian
> >
> >p.s IE 6.0 is not so fussy. It simply leaves out some of the images :(
> >
> I don't know if you can nest a location block within a location block. 
> The Wiki would suggest not but I've never tested it. However, it would 
> be useful in this case if you could use:
> 
> location ^~ /ppg/ {
>    auth_basic "Hello, Please login";
>    auth_basic_user_file /var/www/site.com/passwords;
>        location ~ .\php$  {
>            include /etc/nginx/fastcgi_params;
>            fastcgi_pass 127.0.0.1:9000;
>        }
> }
> 
> That way only your php scripts would be passed to php and others served 
> directly by nginx.
> 
> Igor, is that possible?

Yes, it's possible, however, I do not advertise this since nested locations
have some bugs in inheritance. But in this case it will work.


-- 
Igor Sysoev
http://sysoev.ru/en/





More information about the nginx mailing list