The location directive

Antoine Bonavita antoine.bonavita at gmail.com
Thu Apr 7 22:59:19 MSD 2011


>From previous examples posted by our beloved Igor around here (I'm
just repeating here), I would say a better (may be event the best)
approach is :
server {
        listen          80;
        root            /www/;

location ~ \.php$  {
                fastcgi_pass    unix:php.sock;
}

        location ~* \.(ico|flv|swf|jpg|jpeg|png|gif|js|css|wav)$ {
                expires max;
        }

        location /secrets/  {
          auth_basic            "Restricted";
          auth_basic_user_file  /path/to/.htpasswd;
 location ~ \.php$  {
                fastcgi_pass    unix:php.sock;
 }
          location ~* \.(ico|flv|swf|jpg|jpeg|png|gif|js|css|wav)$ {
                expires max;
          }
        }

        location /local-secrets/ {
          allow 127.0.0.1;
          deny all;
 location ~ \.php$  {
                fastcgi_pass    unix:php.sock;
 }
          location ~* \.(ico|flv|swf|jpg|jpeg|png|gif|js|css|wav)$ {
                expires max;
          }
        }
}

It all relies on the fact that no matter what non-regexp locations are
tried first (using the "deepest" one to match). You can find a better
explanation at http://nginx.org/en/docs/http/request_processing.html
(look for "nginx first searches for the most specific...")

Good luck with it.

A.
--
Join me on my nginx cruise : http://www.nginx-discovery.com

On Thu, Apr 7, 2011 at 8:47 PM, Thomas Love <tomlove at gmail.com> wrote:
> Hello list
> I am new to nginx. I put it into production a couple of weeks ago, and I
> have been very pleased with its efficiency and stability. But I have
> been wondering about an aspect of the location directive. The only previous
> discussion I have found of this went dead without resolution
> (http://forum.nginx.org/read.php?2,4225)
> By way of illustration, this motif was my first attempt at a configuration,
> and I suspect -- assuming I am not unusually dense -- that others coming
> from Apache will have tried it too:
> server {
>         listen          80;
>         root            /www/;
> location ~ \.php$  {
>                 fastcgi_pass    unix:php.sock;
> }
>         location ~* \.(ico|flv|swf|jpg|jpeg|png|gif|js|css|wav)$ {
>                 expires max;
>         }
>         location /secrets/  {
>           auth_basic            "Restricted";
>           auth_basic_user_file  /path/to/.htpasswd;
>         }
>         location /local-secrets/ {
>           allow 127.0.0.1;
>           deny all;
>         }
> }
> ...and I'm aware that it's dangerously wrong. Compounding this is the fact
> that it looks - to me at least - intuitively correct. Perhaps I expected the
> location parser to be more promiscuous. The second problem is my solution:
> server {
>         listen          80;
>         root            /www/;
> location ~ \.php$  {
>                 fastcgi_pass    unix:php.sock;
> }
>         location ~* \.(ico|flv|swf|jpg|jpeg|png|gif|js|css|wav)$ {
>                 expires max;
>         }
>         location ^~ /secrets/  {
>           auth_basic            "Restricted";
>           auth_basic_user_file  /path/to/.htpasswd;
>  location ~ \.php$  {
>                 fastcgi_pass    unix:php.sock;
>  }
>           location ~* \.(ico|flv|swf|jpg|jpeg|png|gif|js|css|wav)$ {
>                 expires max;
>           }
>         }
>         location ^~ /local-secrets/ {
>           allow 127.0.0.1;
>           deny all;
>  location ~ \.php$  {
>                 fastcgi_pass    unix:php.sock;
>  }
>           location ~* \.(ico|flv|swf|jpg|jpeg|png|gif|js|css|wav)$ {
>                 expires max;
>           }
>         }
> }
> ...which is unwieldy, at the least. Is it correct? Is it optimal? Is it wise
> to nest these locations? (Would it get more bloated not to?)
> My main question is -- assuming that the answers to the above are yes -- is
> there a configuration available or planned that's as simple as this:
> server {
>         listen          80;
>         root            /www/;
> location continue ~ \.php$  {
>                 fastcgi_pass    unix:php.sock;
> }
>         location continue ~* \.(ico|flv|swf|jpg|jpeg|png|gif|js|css|wav)$ {
>                 expires max;
>         }
>         location /public-secrets/  {
>           auth_basic            "Restricted";
>           auth_basic_user_file  /path/to/.htpasswd;
>         }
>         location /private-secrets/ {
>           allow 127.0.0.1;
>           deny all;
>         }
> }
> By "location continue" I mean the parser to continue matching (sibling)
> locations after a positive match on those expressions. The order of matching
> would be the same. Is this / will this be possible?
>
> Thomas
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://nginx.org/mailman/listinfo/nginx
>
>



More information about the nginx mailing list