Disable auth_basic for unique (set of) URL

Francis Daly francis at daoine.org
Sat Dec 29 17:34:37 UTC 2012

On Thu, Dec 27, 2012 at 09:57:16AM -0500, B.R. wrote:

Hi there,

http://nginx.org/en/docs/http/request_processing.html is probably useful
to read.

nginx has that one request is handled in one location. Having learned
those rules, I find nginx.conf (relatively) easy to read.

> I then tried to solve my problem with:
> location /thisfile.php {
>     auth_basic off;
> # Start of *exact* copy
>     location ~ \.php$ {
>         FastCGI stuff here...
>     }
> # End of *exact* copy
> }
> location ~ \.php$ {
>     FastCGI stuff here...
> }
> I don't like this solution because it makes me copying my FastCGI work.

I don't have a problem with copying the FastCGI stuff. I'd probably just
use "include my-fastcgi-config" in two places and not worry about it.

I don't like the solution above because it doesn't do what you want. It
will ask for authentication when you request /thisfile.php.

> What if one day I am to modify it? I'll probably forget there are 2 places
> to check...

Either use an aid to remember, or don't repeat the things that are
common to multiple places in the config file. You can use the nginx
"include" directive; or you can use whatever macro processor you prefer
to generated nginx.conf.

> But it seems to work.

Test again. Use "curl" -- it doesn't tend to use a cache or hide things
from you.

> Any better idea?

  location = /thisfile.php {
    auth_basic off;
    include my-fastcgi-config;
  location ~ \.php$ {
    include my-fastcgi-config;
But really I'd probably try to avoid the top-level regex location. And,
depending on what else is involved, I might just "include fastcgi.conf"
once at server level, and then "fastcgi_pass" in the locations where I
want the request to be handled by the fastcgi server.

> Another point:
> If I set 'location = /thisfile.php' rather than 'location /thisfile.php',
> Nginx insults me with 'nginx: [emerg] location "\.php$" cannot be inside
> the exact location "/thisfile.php"' again. Bug or feature?

That nginx reports a dubious config? Feature.

That you consider it an insult? Bug.

In my opinion.

Francis Daly        francis at daoine.org

More information about the nginx mailing list