Am I going crazy? Mixing auth and PHP...
Denis S. Filimonov
den.lists at gmail.com
Tue Jun 3 12:45:33 MSD 2008
I didn't try it but I guess something like the following should work:
location /reports {
auth_basic "Reports";
auth_basic_user_file /home/foo/web/foo.com/.htpasswd;
rewrite (.*)\.php$ /php/$1.php last;
}
location ~ /php/.*\.php {
internal;
fastcgi_pass 127.0.0.1:11019;
fastcgi_index index.php;
# you'll need to strip the added prefix is you set any fastcgi_param
}
On Tuesday 03 June 2008 03:37:05 mike wrote:
> ack this is going to be tricky
>
> i could secure /admin/ but if someone hit a script /admin/foo.php they
> could directly without credentials...
>
> On 6/3/08, Jean-Philippe <skateinmars at skateinmars.net> wrote:
> > Hi,
> >
> > This behavior is explained in
> > http://wiki.codemongers.com/NginxHttpCoreModule#location
> >
> > Only the PHP location is matched by /reports/report.php
> >
> > the solution may be to use nested locations (but this is an unstable
> > feature), or adding a specific location that matches something like
> > ^/reports.*\.php$
> >
> > mike a écrit :
> > > http://foo.com/reports/ - prompts for auth like it should
> > > http://foo.com/reports/report.php - bypasses http auth
> > >
> > > the .php is being matched and the other location is ignored completely?
> > >
> > > server {
> > > listen 80;
> > > server_name foo.com;
> > > index index.php index.html;
> > > root /home/foo/web/foo.com/;
> > > location /reports {
> > > auth_basic "Reports";
> > > auth_basic_user_file
> > > /home/foo/web/foo.com/.htpasswd; }
> > > location ~ \.php {
> > > fastcgi_pass 127.0.0.1:11019;
> > > fastcgi_index index.php;
> > > }
> > > }
> > >
> > > Anything wrong here?
> > >
> > > How can I get auth working for the whole /reports dir? I tried even
> > > putting in the exact /reports/report.php URL in a location block, a
> > > regexp ^/reports etc...
--
Denis.
More information about the nginx
mailing list