Using auth_basic in dynamic vhosts
Lee Brotherston
lee at nerds.org.uk
Mon Jul 7 18:43:06 MSD 2008
Hi,
I have an nginx installation which allows vhosts to be setup
dynamically:
-------8<-------
server {
listen 10.1.2.3:80;
root /data/www/$host;
index index.php index.html;
location ~ .php$ {
include fastcgi_params;
fastcgi_pass unix:/tmp/.fastcgi.www/socket;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/www/$host/$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT /data/www/$host/;
}
-------8<-------
I had trouble writing a way to block access to certain directories,
without applying them to all vhosts. However I eventually realised
that you could do this:
-------8<-------
if ($host ~* specific-vhost.domain.com) {
rewrite ^/private.* @403;
rewrite ^/admin.* @403;
}
location = @403 {
return 403;
}
-------8<-------
This way I can restrict (in this case /private and /admin) on a
specific vhost, and not apply the same config option to all the other
vhosts.
However I have now come up against the problem of trying to implement
something similar with auth_basic. A couple of vhosts need to have
auth_basic applied to / ... obviously this means that I cannot just
use the location operative as this will apply to all vhosts.
I attempted to use a similar setup as above, with an "@auth" location
and the appropriate rewrites, and whilst the authentication works
properly, I cannot make the scripts run. Typically I either get "No
Input Files" which indicates that fastcgi is not obtaining the right
path to pass to php, or a 404 error, which is probably my fault ;)
If anyone can offer any advice it would be greatly appreciated.
Many thanks
Lee
--
Lee Brotherston - <lee at nerds.org.uk>
More information about the nginx
mailing list