Allow access to only a specific user from a htpasswd file

Dave Hayes dave at
Mon Aug 8 04:01:24 UTC 2011

Leigh Dyer <lsd at> writes:
> I've tried testing the value of $remote_user -- this is what I have at 
> the moment:
> location /foo {
>          auth_basic "Foo";
>          auth_basic_user_file "foo-htpasswd";

>          if ($remote_user = "leigh") {
>                  proxy_pass;
>          }
> }
> This mostly works, but if you log in with an account other than "leigh" 
> that's in the password file, the browser returns a 404 and no longer 
> prompts for login details. 

Just a suggestion, and I'm by no means an expert, but I may have begun
to learn how if blocks really work. Try this:

 location /foo {
          auth_basic "Foo";
          auth_basic_user_file "foo-htpasswd";
          if ($remote_user != "leigh") {
              return 403;

and see if that helps.
Dave Hayes - Consultant - Altadena CA, USA - dave at 
>>> The opinions expressed above are entirely my own <<<

It's easier to fight for one's principles than to live up to them.

More information about the nginx mailing list