HT Auth Problem
Rob Schultz
rschultz7 at gmail.com
Sat Jun 6 19:50:08 MSD 2009
You have to use a nested location like
location /imnottelling {
auth_basic "Restricted";
auth_basic_user_file /var/www/tributes-direct.co.uk/
imnottelling/.htpasswd;
location ~ .*\.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/tributes-direct.co.uk/
imnottelling/$fastcgi_script_name;
include fastcgi_params;
}
}
Igor has warned that nested locations has bugs in inheritance but that
this one will work correctly. http://marc.info/?l=nginx&m=124301482813284&w=2
Also a note its easier if you use
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
in your fastcgi_params. Then if you have your root's set right and
redefined it will properly fill the correct SCRIPT_FILENAME without
you having to do it in each of your php blocks if you have multiple of
them. Just 1 less thing that is needed to be redefined.
Rob
On Jun 6, 2009, at 8:09 AM, matt91 wrote:
> I am having a problem with HT Auth where it will protect the
> directory and all files in it except the php files, I think this is
> a problem with nginx passing all php files for processing by fcgi
> before the authentication. For example mysite.com/imnottelling/ and
> mysite.com/imnottelling/hello.html is protected however mysite.com/
> imnottelling/anything.php is not. Here is my virtual host config
> file for the domain:
>
> server {
> listen 81;
>
> server_name tributes-direct.co.uk www.tributes-direct.co.uk
> *.tributes-direct.co.uk;
>
> access_log /var/log/nginx/localhost.access.log;
>
> rewrite ^/adamcarter$ /tributedetails.php?
> name=elvis_adam_carter&page=1 break;
> rewrite ^/bg_sound_([^_]*)\.xspf$ /includes/bg_audio_player/
> bg_sound.php?tributeid=$1 break;
> rewrite ^/adamcarter$ /tributedetails.php?
> name=elvis_adam_carter&page=1 break;
> rewrite ^/elvis$ /tributeindex.php?artiste=elvis break;
> rewrite ^/_([^/]*)$ /tributedetails.php?name=$1 break;
> rewrite ^/_(.*)/page/(.*)$ /tributedetails.php?name=$1&page=$2 break;
> rewrite ^/_(.*)/art/(.*)$ /tributedetails.php?name=$1&artisteid=$2
> break;
> rewrite ^/_(.*)/cat/(.*)$ /tributedetails.php?name=$1&cat=$2 break;
>
> location / {
> root /var/www/tributes-direct.co.uk;
> index index.php index.html index.htm;
> }
> location /imnottelling/* {
> root /var/www/tributes-direct.co.uk;
> index index.php index.html index.htm;
> auth_basic "Restricted";
> auth_basic_user_file /var/www/tributes-direct.co.uk/
> imnottelling/.htpasswd;
> }
>
> #error_page 404 /var/www/err/404.html;
>
> # redirect server error pages to the static page /50x.html
> #
> #error_page 500 502 503 504 /50x.html;
> #location = /50x.html {
> # root /var/www/err;
> #}
>
> location ~ \.php$ {
> fastcgi_pass 127.0.0.1:9000;
> fastcgi_index index.php;
> fastcgi_param SCRIPT_FILENAME /var/www/tributes-direct.co.uk/
> $fastcgi_script_name;
> include fastcgi_params;
> }
>
> serve static files directly
> location ~ .(jpg|jpeg|gif|css|png|js|ico)$ {
> access_log off;
> expires 30d;
> }
>
> # protect htaccess
> location ~ /\. {
> deny all;
> }
> }
>
>
>
> And yep, I know the .htpasswd is in an accessible location ;-)
>
> Thank you for your help.
>
> Matt
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,2667,2667#msg-2667
>
>
More information about the nginx
mailing list