Disabling basic_auth with rewrites
Maxim Dounin
mdounin at mdounin.ru
Thu May 19 22:10:59 MSD 2011
Hello!
On Thu, May 19, 2011 at 12:43:03PM -0400, klausi wrote:
> Maxim Dounin Wrote:
> -------------------------------------------------------
> >
> > location / {
> > auth_basic "protected";
> > auth_basic_user_file
> > /etc/nginx/htpasswd/protected;
> > ...
> >
> > location ~ \.php$ {
> > fastcgi_pass ...
> > ...
> > }
> > }
> >
> > location /feeds/importer/ {
> > ...
> >
> > location ~ \.php$ {
> > fastcgi_pass ...
> > ...
> > }
> > }
>
> Thanks for the quick reply, nested locations are nice, but they do not
> help in this special case. A request to /feeds/importer/* has to be
> rewritten to /index.php?q=feeds/importer/* and that should not be
> protected. Is unprotecting a path with a special query possible at all?
Ah, sorry, I missed you actually want /feeds/importer/... to be
fully handled by index.php. This makes configuration even
simplier:
location / {
auth_basic ...
...
location ~ \.php$ {
fastcgi_pass ...
...
}
}
location /feeds/importer/ {
rewrite ^/(.*) /index.php?q=$1? break;
fastcgi_pass ...
...
}
Note that the only goal of rewrite is to properly change url while
correctly escaping new arguments and stripping old ones (note
trailing '?'), as you probably don't want to allow unauthenticated
users to supply arbitrary arguments to your index.php. Due to
'break' request doesn't leave the location in question after
rewrite and processed there.
Maxim Dounin
More information about the nginx
mailing list