Location directive disaster

phil1886 nginx-forum at nginx.us
Thu May 26 02:57:25 MSD 2011

Hi everyone

I have moved from Apache2 to Nginx. I am finding it difficult working
out what is going on with the location directive. I've looked at various
tutorials and blogs but I'm still encountering problems.

Basically I have a new website that I'm hosting off a directory of the
current one. Lets call it /newwebsite. To prevent people getting to it,
I've put http-basic authentication around it:

                ## Default Location
                location / {
                        index   index.php       index.html;

                location /newwebsite {
                        index   index.php       index.html;
                        auth_basic              "Unauthorised use

There's an admin section as well. I will need http authentication on
this, even when it goes live, to stop people gaining access to the admin

                location /newwebsite/admin {
                        index login.php;
                        auth_basic              "Unauthorised use


Of course I have the catch-all for all the php scripts:

                location ~ \.php$ {
                        include /etc/nginx/fastcgi_params;
                        fastcgi_index   index.php;
                        fastcgi_param   SCRIPT_FILENAME        
                        fastcgi_param   PATH_INFO      


When I visit http://domain.com/newsite/admin I get prompted for a http
basic-auth username and password - as expected. This works.

When I visit http://domain.com/newsite/admin/admin.php I am straight in
without http basic-auth. This is not so good..!!

So perhaps I'm doing this all wrong?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,200935,200935#msg-200935

More information about the nginx mailing list