The location directive
Antoine Bonavita
antoine.bonavita at gmail.com
Thu Apr 7 22:59:19 MSD 2011
>From previous examples posted by our beloved Igor around here (I'm
just repeating here), I would say a better (may be event the best)
approach is :
server {
listen 80;
root /www/;
location ~ \.php$ {
fastcgi_pass unix:php.sock;
}
location ~* \.(ico|flv|swf|jpg|jpeg|png|gif|js|css|wav)$ {
expires max;
}
location /secrets/ {
auth_basic "Restricted";
auth_basic_user_file /path/to/.htpasswd;
location ~ \.php$ {
fastcgi_pass unix:php.sock;
}
location ~* \.(ico|flv|swf|jpg|jpeg|png|gif|js|css|wav)$ {
expires max;
}
}
location /local-secrets/ {
allow 127.0.0.1;
deny all;
location ~ \.php$ {
fastcgi_pass unix:php.sock;
}
location ~* \.(ico|flv|swf|jpg|jpeg|png|gif|js|css|wav)$ {
expires max;
}
}
}
It all relies on the fact that no matter what non-regexp locations are
tried first (using the "deepest" one to match). You can find a better
explanation at http://nginx.org/en/docs/http/request_processing.html
(look for "nginx first searches for the most specific...")
Good luck with it.
A.
--
Join me on my nginx cruise : http://www.nginx-discovery.com
On Thu, Apr 7, 2011 at 8:47 PM, Thomas Love <tomlove at gmail.com> wrote:
> Hello list
> I am new to nginx. I put it into production a couple of weeks ago, and I
> have been very pleased with its efficiency and stability. But I have
> been wondering about an aspect of the location directive. The only previous
> discussion I have found of this went dead without resolution
> (http://forum.nginx.org/read.php?2,4225)
> By way of illustration, this motif was my first attempt at a configuration,
> and I suspect -- assuming I am not unusually dense -- that others coming
> from Apache will have tried it too:
> server {
> listen 80;
> root /www/;
> location ~ \.php$ {
> fastcgi_pass unix:php.sock;
> }
> location ~* \.(ico|flv|swf|jpg|jpeg|png|gif|js|css|wav)$ {
> expires max;
> }
> location /secrets/ {
> auth_basic "Restricted";
> auth_basic_user_file /path/to/.htpasswd;
> }
> location /local-secrets/ {
> allow 127.0.0.1;
> deny all;
> }
> }
> ...and I'm aware that it's dangerously wrong. Compounding this is the fact
> that it looks - to me at least - intuitively correct. Perhaps I expected the
> location parser to be more promiscuous. The second problem is my solution:
> server {
> listen 80;
> root /www/;
> location ~ \.php$ {
> fastcgi_pass unix:php.sock;
> }
> location ~* \.(ico|flv|swf|jpg|jpeg|png|gif|js|css|wav)$ {
> expires max;
> }
> location ^~ /secrets/ {
> auth_basic "Restricted";
> auth_basic_user_file /path/to/.htpasswd;
> location ~ \.php$ {
> fastcgi_pass unix:php.sock;
> }
> location ~* \.(ico|flv|swf|jpg|jpeg|png|gif|js|css|wav)$ {
> expires max;
> }
> }
> location ^~ /local-secrets/ {
> allow 127.0.0.1;
> deny all;
> location ~ \.php$ {
> fastcgi_pass unix:php.sock;
> }
> location ~* \.(ico|flv|swf|jpg|jpeg|png|gif|js|css|wav)$ {
> expires max;
> }
> }
> }
> ...which is unwieldy, at the least. Is it correct? Is it optimal? Is it wise
> to nest these locations? (Would it get more bloated not to?)
> My main question is -- assuming that the answers to the above are yes -- is
> there a configuration available or planned that's as simple as this:
> server {
> listen 80;
> root /www/;
> location continue ~ \.php$ {
> fastcgi_pass unix:php.sock;
> }
> location continue ~* \.(ico|flv|swf|jpg|jpeg|png|gif|js|css|wav)$ {
> expires max;
> }
> location /public-secrets/ {
> auth_basic "Restricted";
> auth_basic_user_file /path/to/.htpasswd;
> }
> location /private-secrets/ {
> allow 127.0.0.1;
> deny all;
> }
> }
> By "location continue" I mean the parser to continue matching (sibling)
> locations after a positive match on those expressions. The order of matching
> would be the same. Is this / will this be possible?
>
> Thomas
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://nginx.org/mailman/listinfo/nginx
>
>
More information about the nginx
mailing list