Protect /analytics on Nginx with basic authentication, but allow access to .php and .js files??

lmm5247 nginx-forum at nginx.us
Thu Feb 12 21:11:21 UTC 2015


> What actual requests are made that are challenged for
> authentication? Check your access_log for http 401.
> 
> At a guess, it is just /analytics/piwik.js that you care about here.
> 
> So: add
> 
>   location = /analytics/piwik.js {auth_basic off;}
> 
> inside your "location /analytics {}" block.
> 
> (This will try to serve the file "/var/www/piwik//piwik.js", given the
> above configuration.)

Wow. I feel so dumb. That worked perfectly! Below is the config I'm using to
turn off authentication for piwik.js as well as .php files.

location /analytics {
alias /var/www/piwik/;
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/pass;
try_files $uri $uri/ /index.php;
        location = /analytics/piwik.js{
        auth_basic off;
        }
        location ~* ^/analytics(.+\.php)$ {
        auth_basic off;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
        }
}

Thank you!!!

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,256585,256630#msg-256630



More information about the nginx mailing list