Igor any change auth_basic_user_file can accept the new regex stuff?

mike mike503 at gmail.com
Sat Mar 14 21:22:06 MSK 2009


2009/3/14 Igor Sysoev <is at rambler-co.ru>:

> Probably 403 should be return in both cases (static and dynamic) if error
> is file not found.

That is fine with me. I was going to recommend that but thought it
might be a bit incorrect. Since htpasswd stuff -is- required to be
configured on the server level, it is sort of a server error if it's
pointing to the wrong file. However, the users can control the files a
lot of the time and remove them...

As long as there is a simple to read error log entry for it, that
works. Right now a 404 throws an "error" - shouldn't that be more like
a "notice" ?

This missing file should be an error as it has more to do with server
configuration. But me randomly typing in /ekfhskdfdskhfs into a site
should not raise an "error" level:

2009/03/14 11:20:25 [error] 32217#0: *1 open()
"/home/mike/web/192.168.1.3/fds" failed (2: No such file or
directory), client: 192.168.1.2, server: 192.168.1.3, request: "GET
/fds HTTP/1.1", host: "192.168.1.3"

IMHO it should be less important for a 404 :)





More information about the nginx mailing list