basic-authentication and php?

Jim Ohlstein jim.ohlstein at gmail.com
Fri May 22 21:31:13 MSD 2009 


Ian Hobson wrote:
> Jim Ohlstein wrote:
>>
>>
>> Ian Hobson wrote:
>>> Hi all,
>>> I'm trying to set up basic authentication to protect an area of the 
>>> website served by php.
>>>
>>> The critical bits of my server directive are.
>>>
>>> server (
>>>   listen 80;
>>>   server_name  site.com  www.site.com;
>>>   root /var/www/site.com/htdocs;
>>>   index  index.php index.html index.htm;
>>>   access_log  /var/www/site.com/access.log;
>>>  
>>>   location ~ \.php {
>>>      include /etc/nginx/fastcgi_params;
>>>      fastcgi_pass 127.0.0.1:9000;
>>>   }
>>>
>>>   location ^~ /usage/ {
>>>      auth_basic "Hello, Please login";
>>>      auth_basic_user_file /var/www/site.com/passwords;
>>>   }
>>>
>>>   location ^~ /ppg/ {
>>>      auth_basic "Hello, Please login";
>>>      auth_basic_user_file /var/www/site.com/passwords;
>>>   }
>> I would try
>>
>> location ^~ /ppg/ {
>>     auth_basic "Hello, Please login";
>>     auth_basic_user_file /var/www/site.com/passwords;
>>     include /etc/nginx/fastcgi_params;
>>     fastcgi_pass 127.0.0.1:9000;
>>  }
>>
> Hi Jim,
>
> I tried that, and got no style sheet, so I presumed that static files 
> were not being served. However, you are right. It works.
>
> However, the error long in FireFox is telling me....
>
> Error: The stylesheet http://www.site.com/ppg/css/style.css was not 
> loaded because its MIME type, "text/html", is not "text/css".
> Source File: http://www.site.com/ppg/
> Line: 0
>
> I've checked /etc/nginx/mine-types, and it claims type text/css  for 
> css files, and the default-type is application/octet-stream.
>
> So now I'm really confused.
>
> Ian
>
> p.s IE 6.0 is not so fussy. It simply leaves out some of the images :(
>
I don't know if you can nest a location block within a location block. 
The Wiki would suggest not but I've never tested it. However, it would 
be useful in this case if you could use:

location ^~ /ppg/ {
    auth_basic "Hello, Please login";
    auth_basic_user_file /var/www/site.com/passwords;
        location ~ .\php$  {
            include /etc/nginx/fastcgi_params;
            fastcgi_pass 127.0.0.1:9000;
        }
 }

That way only your php scripts would be passed to php and others served 
directly by nginx.

Igor, is that possible?


Jim

More information about the nginx mailing list