nginx config: multiple locations, authentication in one, triggered for both?

roger.moffatt nginx-forum at
Mon Nov 7 08:48:53 UTC 2011

I originally posted this question on SO, but it might of course be more
logical to ask here;

I'm flummoxed.

I have a server that is primarily running couchdb over ssl (using nginx
to proxy the ssl connection) but also has to serve some apache stuff.

Basically I want everything that DOESN'T start /www to be sent to the
couchdb backend. If a url DOES start /www then it should be mapped to
the local apache server on port 8080.

My config below works with the exception that I'm getting prompted for
authentication on the /www paths as well. I'm a bit more used to
configuring Apache than nginx, so I suspect I'm mis-understanding
something, but if anyone can see what is wrong from my configuration
(below) I'd be most grateful.

To clarify my use scenario; should be proxied to
http://localhost:8080/script.cgi should be proxied to

ONLY the second should require authentication. It is the authentication
issue that is causing problems - as I mentioned, I am being challenged
on as well :-(

Here's the config, thanks for any insight.

server {
        listen   443;
        ssl on;

        # Any url starting /www needs to be mapped to the root
        # of the back end application server on 8080

        location ^~ /www/ {
        proxy_pass http://localhost:8080/;
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;


        # Everything else has to be sent to the couchdb server running
        # port 5984 and for security, this is protected with auth_basic
        # authentication.

        location / {

        auth_basic "Restricted";
        auth_basic_user_file /path-to-passwords;

        proxy_pass http://localhost:5984;
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Ssl on;


Thanks for some pointers - I'm not sure how I can resolve this

Posted at Nginx Forum:,217906,217906#msg-217906

More information about the nginx mailing list