Can auth_basic restrict files in certain folder?
Rob Schultz
rschultz7 at gmail.com
Mon Mar 29 07:13:45 MSD 2010
Hi Gavin,
> I have some problem with my nginx
> I just could not restrict files in certain floder, as follows, i put the settings to nginx.conf
>
> location ~ ^/restrict/
> {
> auth_basic "STATISTIC";
> auth_basic_user_file /usr/local/nginx/conf/pwfornginx
> }
>
>
> the folder /restrict/ is restricted perfect, however, files in the folder can still be accessed,
> /restrict/somefile.php
>
> What's the matter? any ideas?
The problem is you somewhat have to rethink how NginX process the request. read here for more details http://nginx.org/en/docs/http/request_processing.html#simple_php_site_configuration but to sum it up you probably have a something like
location ~ .*\.php${
}
in your config which actually handles the /restrict/somefile.php instead of
location ~ ^/restrict/ { }
there is two ways to remidy this. you can do something like
location ~ ^/restrict/.*\.php$ {
#rest of auth config
}
or you can do sub-locations *note* this is the only instance that i have read where it is safe to do nested locations. YMMV
location ~ ^/restrict/
{
auth_basic "STATISTIC";
auth_basic_user_file /usr/local/nginx/conf/pwfornginx
location ~ .*\.php$ {
#include your php config for processing ie proxy_pass or fastcgi_pass
}
}
v/r,
Rob
More information about the nginx
mailing list