auth_basic not requiring Authorization
bindsocket
nginx-forum at nginx.us
Fri Jul 1 19:58:08 MSD 2011
Having a huge problem with the auth_basic. Despite putting in the exact
same lines as what I found in many examples, the web server is still
allowing access even without sending any authorization.
Relevent conf bits:
server {
listen 80;
server_name my.servers.name.com;
log_format fullCombined '$remote_addr - $http_x_forwarded_for
$remote_user [$time_local] '
'"$request" $http_content_length $status
$body_bytes_sent '
'"$http_referer" "$http_user_agent"';
access_log /var/log/nginx/access.log fullCombined;
error_log /var/log/nginx/error.log;
root /var/www/current/pub;
client_body_buffer_size 1024k;
## Default location
location / {
index index.php;
auth_basic "Ingester";
auth_basic_user_file .htpasswd;
rewrite ^index.php(.*)$ /index.php?/$1 last;
if (!-f $request_filename) {
rewrite ^/(.*)$ /index.php?/$1 last;
break;
}
}
## Parse all .php file in the /var/www directory
location ~ .php$ {
fastcgi_pass backend;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_intercept_errors on;
fastcgi_ignore_client_abort off;
fastcgi_connect_timeout 60;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
}
## Disable viewing .htaccess & .htpassword
location ~ /\.ht {
deny all;
}
}
Thanks in advance,
Brian
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,211601,211601#msg-211601
More information about the nginx
mailing list