Password protection and fastcgi

Ensiferous nginx-forum at nginx.us
Wed Dec 21 02:56:57 UTC 2011


The right way is to add the auth basic directives to the PHP location as
nginx will only ever execute one location. So in your pasted config, if
nginx gets a request for /passwordprotected/index.php then it won't be
protected.

Of course, if you only want PHP files in that directory to be protected
then you need a 2nd PHP location.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,220335,220336#msg-220336



More information about the nginx mailing list