Disable auth_basic for unique (set of) URL

B.R. reallfqq-nginx at yahoo.fr
Thu Dec 27 14:57:16 UTC 2012


I found inspiration
here<http://serverfault.com/questions/119076/how-to-use-fastcgi-globally-and-basic-auth-in-sublocations-in-nginx>
.

I then tried to solve my problem with:

location /thisfile.php {
    auth_basic off;

# Start of *exact* copy
    location ~ \.php$ {
        FastCGI stuff here...
    }
# End of *exact* copy
}

location ~ \.php$ {
    FastCGI stuff here...
}

I don't like this solution because it makes me copying my FastCGI work.
What if one day I am to modify it? I'll probably forget there are 2 places
to check...

But it seems to work.

Any better idea?

Another point:
If I set 'location = /thisfile.php' rather than 'location /thisfile.php',
Nginx insults me with 'nginx: [emerg] location "\.php$" cannot be inside
the exact location "/thisfile.php"' again. Bug or feature?

---
*B. R.*


On Thu, Dec 27, 2012 at 8:36 AM, B.R. <reallfqq-nginx at yahoo.fr> wrote:

> Hello,
>
> I am using the auth_basic directive to restrict access to a whole server
> (auth_basic server-wide set, not in any particular location).
> Since I am using php, I am also using:
>
> location ~ \.php$ {
>     FastCGI stuff here...
> }
>
> to forward my request to the PHP application.
>
> Now, I would like to remove the auth_basic authentication for a very
> unique and specific location: thisfile.php
>
> I first tried:
>
> location ~ \.php$ {
>     location = /thisfile.php {
>         auth_basic off;
>     }
>     FastCGI stuff here...
> }
>
> but Nginx said:
> nginx: [emerg] location "/thisfile.php" is outside location "\.php$" in
> .../nginx/conf.d/mystupid.conf:69
> nginx: configuration file .../nginx/nginx.conf test failed
>
> I then tried:
>
> location ~ \.php$ {
>     location ~ ^/thisfile.php$ {
>         auth_basic off;
>     }
>     FastCGI stuff here...
> }
>
> But of course now the FastCGI part does not server the request and the
> PHP file is sent for download...
>
> What king of clean solution do I have?
> Am I forced to place the auth_basic in all my 'location' blocks but one,
> which would be for 'thisfile.php'?
>
> Thanks,
> ---
> *B. R.*
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20121227/7464116c/attachment.html>


More information about the nginx mailing list