auth_basic not requiring Authorization

Igor Sysoev igor at sysoev.ru
Fri Jul 1 22:27:59 MSD 2011


On Jul 1, 2011, at 19:58 , bindsocket wrote:

> Having a huge problem with the auth_basic.  Despite putting in the exact
> same lines as what I found in many examples, the web server is still
> allowing access even without sending any authorization.
> Relevant conf bits:
> 
> server {
>    listen 80;
>    server_name  my.servers.name.com;
>    log_format fullCombined '$remote_addr - $http_x_forwarded_for
> $remote_user [$time_local]  '
>                            '"$request" $http_content_length $status
> $body_bytes_sent '
>                            '"$http_referer" "$http_user_agent"';
>    access_log  /var/log/nginx/access.log fullCombined;
>    error_log /var/log/nginx/error.log;
> 
>    root /var/www/current/pub;
> 
>    client_body_buffer_size 1024k;
> 
> ## Default location
>    location / {
>        index  index.php;
> 
>        auth_basic "Ingester";
>        auth_basic_user_file .htpasswd;
> 
>        rewrite ^index.php(.*)$ /index.php?/$1 last;
>        if (!-f $request_filename) {
>                rewrite ^/(.*)$ /index.php?/$1 last;
>                break;
>        }
> 
>    }
> ## Parse all .php file in the /var/www directory
>    location ~ .php$ {
>        fastcgi_pass   backend;
>        fastcgi_index  index.php;
>        fastcgi_param  SCRIPT_FILENAME 
> $document_root$fastcgi_script_name;
>        include /etc/nginx/fastcgi_params;
>        fastcgi_param  QUERY_STRING     $query_string;
>        fastcgi_param  REQUEST_METHOD   $request_method;
>        fastcgi_param  CONTENT_TYPE     $content_type;
>        fastcgi_param  CONTENT_LENGTH   $content_length;
>        fastcgi_intercept_errors        on;
>        fastcgi_ignore_client_abort     off;
>        fastcgi_connect_timeout 60;
>        fastcgi_send_timeout 180;
>        fastcgi_read_timeout 180;
>        fastcgi_buffer_size 128k;
>        fastcgi_buffers 4 256k;
>        fastcgi_busy_buffers_size 256k;
>        fastcgi_temp_file_write_size 256k;
>    }
> 
> ## Disable viewing .htaccess & .htpassword
>    location ~ /\.ht {
>        deny  all;
>    }
> }

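   # auth_basic only applies to the location that finally serves the request.
   # In the quoted config the server-level "location ~ .php$" carried no
   # auth_basic, so every URI rewritten to /index.php was answered without
   # credentials.  Nesting the PHP handlers inside "location /" lets them
   # inherit the auth_basic settings declared here.  Any other location that
   # can match a protected URI needs the same directives, inherited or repeated.
   location / {
       index  index.php;

       auth_basic "Ingester";
       # NOTE(review): a relative path is presumably resolved against the nginx
       # configuration prefix, not the document root -- confirm where the file
       # is actually read from.
       auth_basic_user_file .htpasswd;

       # Serve the file if it exists, otherwise redirect internally to index.php
       # with the original URI as the query string.
       try_files  $uri  /index.php?$uri;

       # /index.php/<path>: the captured path is handed over as QUERY_STRING.
       # The dot is escaped so that only a literal "index.php" matches.
       location ~ ^/index\.php(/.*)$ {
           fastcgi_index  index.php;
           # Literal script path; "$index.php" would be read as a variable
           # named $index, which is not defined.
           fastcgi_param  SCRIPT_FILENAME   $document_root/index.php;
           include /etc/nginx/fastcgi_params;
           fastcgi_param  QUERY_STRING     $1;
           # "..." stands for directives left out of the mail; this block still
           # needs a fastcgi_pass to reach the backend.
           ...
       }

       # Any other .php URI, including the /index.php fallback from try_files.
       location ~ \.php$ {
           fastcgi_pass   backend;
           fastcgi_index  index.php;
           fastcgi_param  SCRIPT_FILENAME   $document_root$fastcgi_script_name;
           include /etc/nginx/fastcgi_params;
           fastcgi_param  QUERY_STRING     $query_string;
           ...
       }

   }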

## Refuse every request whose path contains a segment starting with ".ht"
## (.htaccess, .htpasswd), so the password file is never served to a client.
## This location is declared outside "location /" and rejects with "deny all"
## instead of asking for credentials.
   location ~ /\.ht {
       deny  all;
   }
}


--
Igor Sysoev
http://sysoev.ru/en/



