Protect a specific php file
voidandany
nginx-forum at nginx.us
Thu Jan 12 16:21:40 UTC 2012
Hello,
On my server I have a php app in a subfolder of my root, so basically
I've made the following nginx configuration :
server {
listen 80;
server_name www.domain.fr;
root /var/www/domain.fr;
access_log /var/log/nginx/access.log ;
location /myapp {
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
fastcgi_pass 127.0.0.1:9000;
}
}
}
And it's work now in this app I want to protect the index.php file and
only this one, so I try this :
location /myapp {
location ^~ /myapp/index.php {
auth_basic "Private Section";
auth_basic_user_file $document_root/.htpasswd;
location ~ \.php$ {
include
/etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
fastcgi_pass 127.0.0.1:9000;
}
}
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
fastcgi_pass 127.0.0.1:9000;
}
}
I had to duplicate the php location, is there an another way ?
It work with IE8 but not with Chrome !!
With Chrome the complete URL (http://www.domain.fr/myapp/index.php) is
correctly protected but not this one http://www.domain.fr/myapp/
In this case the php file is downloaded...
Any idea why ? Any solution ?
Thanks a lot
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,221094,221094#msg-221094
More information about the nginx
mailing list