Disabling basic_auth with rewrites

klausi nginx-forum at nginx.us
Thu May 19 17:59:37 MSD 2011


I would like to generally protect my site but allow one certain path.
However, I need rewrites to forward the requested path to a PHP file.
Unfortunately the following does not work:

location ~ ^/feeds/importer/.* {
  auth_basic off;
  rewrite ^/(.*)$ /index.php?q=$1;

location ~ \.php$ {
  auth_basic "protected";
  auth_basic_user_file /etc/nginx/htpasswd/protected;
  fastcgi_split_path_info ^(.+\.php)(/.+)$;
  include fastcgi_params;
  fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  fastcgi_intercept_errors on;
  fastcgi_pass $socket;
  # workaround as fastcgi_param cannot be used inside if statements
  set $https off;
  if ($scheme = https) {
    set $https on;
  fastcgi_param HTTPS $https;
  fastcgi_read_timeout 6000;

location ~ ^/(.*) {
  auth_basic "protected";
  auth_basic_user_file /etc/nginx/htpasswd/protected;
  try_files $uri /index.php?q=$1&$args;

Any ideas how to unprotect the first location?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,199278,199278#msg-199278

More information about the nginx mailing list