Require a password for everything except one folder?

Francis Daly francis at
Thu Nov 6 23:09:05 UTC 2014

On Thu, Nov 06, 2014 at 05:35:09PM -0500, nrahl wrote:

Hi there,

> The expected response is a password prompt on all locations, unless the IP
> matches, in which case allow, or the path starts with /Public, in which case
> allow.

nginx config is based on "one request is handled in one location";
but one http request is not necessarily just one nginx request.

I suspect that if you put the configuration that you want, in the location
that you want, things will Just Work. Trying to have one location both
require and not require a password, is probably the root of the issue.

>    location ^~ /Public { # Disable access restriction on this location
>       auth_basic off;

(You will want to disable "deny all" or "satisfy any" here too.)

>       try_files fake.html @apache;

Instead of that try_files, can you just "proxy_pass" directly?

Either copy-paste the config ending with


or do "include the-proxy-pass-file;"?

>    }
>    location / { # All other requests get proxy passed to apache.
>       try_files fake.html @apache;

Same there, but that one is not directly influenced by the "satisfy
any" thing.

Good luck with it,

Francis Daly        francis at

More information about the nginx mailing list