Can auth_basic restrict files in certain folder?

Rob Schultz rschultz7 at
Mon Mar 29 07:13:45 MSD 2010

Hi Gavin,

> I have some problem with my nginx
> I just could not restrict files in certain floder, as follows, i put the settings to nginx.conf
>    location ~ ^/restrict/
>    {
>      auth_basic             "STATISTIC";
>      auth_basic_user_file   /usr/local/nginx/conf/pwfornginx
>    }
> the folder /restrict/ is restricted perfect, however, files in the folder can still be accessed,
> /restrict/somefile.php
> What's the matter? any ideas?

The problem is you somewhat have to rethink how NginX process the request. read here for more details but to sum it up you probably have a something like
location ~ .*\.php${
in your config which actually handles the /restrict/somefile.php instead of 
location ~ ^/restrict/ { } 
there is two ways to remidy this. you can do something like

location ~ ^/restrict/.*\.php$ {
#rest of auth config

or you can do sub-locations *note* this is the only instance that i have read where it is safe to do nested locations. YMMV

   location ~ ^/restrict/
     auth_basic             "STATISTIC";
     auth_basic_user_file   /usr/local/nginx/conf/pwfornginx
        location ~ .*\.php$ {
	  #include your php config for processing ie proxy_pass or fastcgi_pass


More information about the nginx mailing list