restrict access problem

Igor Sysoev is at rambler-co.ru
Tue Sep 16 19:04:42 MSD 2008


On Tue, Sep 16, 2008 at 10:59:50PM +0800, lhmwzy wrote:

> 2008/9/16 lhmwzy <lhmwzy at gmail.com>:
> > I want to do a restrict access for URI contains xinxi,I do as follow:
> >
> >    location ~ xinxi {
> >                allow 10.68.49.21;
> >                auth_basic "need authried";
> >                auth_basic_user_file passwd;
> >                deny all;
> >        }
> >
> > when I access http://10.66.23.102/bxzx/xinxi/ from 10.68.49.210,nginx
> > says "403 Forbidden".
> > I think the rule checkorder is
> > first "allow 10.68.49.21;"
> > then " auth_basic "need authried";auth_basic_user_file passwd;"
> > last   "deny all"
> > So when I access http://10.66.23.102/bxzx/xinxi/ from
> > 10.68.49.210,nginx should prompt me to input username and password.
> > Am I right?
> >
> Also I know the config
>     location ~ xinxi {
>                 satisfy any;
>                 allow 10.68.49.21;
>                 auth_basic "need authried";
>                 auth_basic_user_file passwd;
>                 deny all;
>         }
> can do the job well.

No, the rule order is

      any allow/deny
      then auth_basic


-- 
Igor Sysoev
http://sysoev.ru/en/





More information about the nginx mailing list