Can auth_basic restrict files in certain folder?

Rob Schultz rschultz7 at gmail.com
Mon Mar 29 07:13:45 MSD 2010


Hi Gavin,

> I have some problem with my nginx
> I just could not restrict files in certain floder, as follows, i put the settings to nginx.conf
> 
>    location ~ ^/restrict/
>    {
>      auth_basic             "STATISTIC";
>      auth_basic_user_file   /usr/local/nginx/conf/pwfornginx
>    }
> 
> 
> the folder /restrict/ is restricted perfect, however, files in the folder can still be accessed,
> /restrict/somefile.php
> 
> What's the matter? any ideas?

The problem is you somewhat have to rethink how NginX process the request. read here for more details http://nginx.org/en/docs/http/request_processing.html#simple_php_site_configuration but to sum it up you probably have a something like
location ~ .*\.php${
}
in your config which actually handles the /restrict/somefile.php instead of 
location ~ ^/restrict/ { } 
there is two ways to remidy this. you can do something like

location ~ ^/restrict/.*\.php$ {
#rest of auth config
}

or you can do sub-locations *note* this is the only instance that i have read where it is safe to do nested locations. YMMV

   location ~ ^/restrict/
   {
     auth_basic             "STATISTIC";
     auth_basic_user_file   /usr/local/nginx/conf/pwfornginx
        location ~ .*\.php$ {
	  #include your php config for processing ie proxy_pass or fastcgi_pass
        }
   }

v/r,
Rob


More information about the nginx mailing list