Location recursive downloads php files
Francis Daly
francis at daoine.org
Sun Jul 21 08:04:28 UTC 2013
On Sat, Jul 20, 2013 at 05:01:39PM -0400, Peleke wrote:
Hi there,
> I try to secure a specific folder and all files and subfolders with this
> location block:
>
> location ^~ /folder1/admin {
> auth_basic "Login";
> auth_basic_user_file
> /var/www/domain.tld/www/folder1/admin/.htpasswd;
> }
>
> With this code nginx offers always to download the php files.
>
> With this code everything works as expected except that files and subfolders
> are not secured:
>
> location /folder1/admin {
> auth_basic "Login";
> auth_basic_user_file
> /var/www/domain.tld/www/folder1/admin/.htpasswd;
> }
>
> Why is that and how can I fix the problem from the first block?
In nginx, one request is handled in one location.
http://nginx.org/r/location describes the rules, so that you can know
which one location will be used for a particular request.
In the above location{} blocks, you give no indication of what nginx
should do with the request, so it uses its default of "serve it from
the filesystem".
The difference between your two observations is that in the first case,
the location{} block is used for the request that you made; and in the
second case, the location{} block is not used.
To fix your configuration, you must put all of the configuration that
you want to apply to a request, in the one location{} that handles
that request.
f
--
Francis Daly francis at daoine.org
More information about the nginx
mailing list