Another auth/location question - probably very simple to fix :)

Igor Sysoev is at rambler-co.ru
Sat Aug 16 11:51:34 MSD 2008


On Fri, Aug 15, 2008 at 05:55:05PM -0700, mike wrote:

> prompts but only on the exact /wordpress/admin match:
> 
> location /wordpress/admin {

But the better way is disable regex searches:

- location /wordpress/admin {
+ location ^~ /wordpress/admin {

>    auth_basic "wordpress";
>    auth_basic_user_file /home/foo/web/foo.com/.htpasswd
>    location ~ \.php$ {
>      fastcgi_pass 127.0.0.1:11000;
>      fastcgi_index index.php;
>    }
> }
> 
> doesn't prompt at all:
> 
> location ~ /wordpress/admin(.+) {
>    auth_basic "wordpress";
>    auth_basic_user_file /home/foo/web/foo.com/.htpasswd
>    location ~ \.php$ {
>      fastcgi_pass 127.0.0.1:11000;
>      fastcgi_index index.php;
>    }
> }
> 
> am i missing something? i thought i had it fully secured. not sure if
> behavior changed from 0.7.4 or so to 0.7.10
> 
> i want everything under /wordpress/admin/ to require basic auth. i
> could have sworn this worked properly before, but now the first one
> prompts only for the / index, if i enter in a direct URL i get no
> prompt (like /wordpress/admin/post-new.php)


-- 
Igor Sysoev
http://sysoev.ru/en/





More information about the nginx mailing list