Protect /analytics on Nginx with basic authentication, but allow access to .php and .js files??

lmm5247 nginx-forum at
Thu Feb 12 21:11:21 UTC 2015

> What actual requests are made that are challenged for
> authentication? Check your access_log for http 401.
> At a guess, it is just /analytics/piwik.js that you care about here.
> So: add
>   location = /analytics/piwik.js {auth_basic off;}
> inside your "location /analytics {}" block.
> (This will try to serve the file "/var/www/piwik//piwik.js", given the
> above configuration.)

Wow. I feel so dumb. That worked perfectly! Below is the config I'm using to
turn off authentication for piwik.js as well as .php files.

location /analytics {
alias /var/www/piwik/;
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/pass;
try_files $uri $uri/ /index.php;
        location = /analytics/piwik.js{
        auth_basic off;
        location ~* ^/analytics(.+\.php)$ {
        auth_basic off;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;

Thank you!!!

Posted at Nginx Forum:,256585,256630#msg-256630

More information about the nginx mailing list