Protect /analytics on Nginx with basic authentication, but allow access to .php and .js files??
lmm5247
nginx-forum at nginx.us
Thu Feb 12 21:11:21 UTC 2015
> What actual requests are made that are challenged for
> authentication? Check your access_log for http 401.
>
> At a guess, it is just /analytics/piwik.js that you care about here.
>
> So: add
>
> location = /analytics/piwik.js {auth_basic off;}
>
> inside your "location /analytics {}" block.
>
> (This will try to serve the file "/var/www/piwik//piwik.js", given the
> above configuration.)
Wow. I feel so dumb. That worked perfectly! Below is the config I'm using to
turn off authentication for piwik.js as well as .php files.
location /analytics {
alias /var/www/piwik/;
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/pass;
try_files $uri $uri/ /index.php;
location = /analytics/piwik.js{
auth_basic off;
}
location ~* ^/analytics(.+\.php)$ {
auth_basic off;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
Thank you!!!
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,256585,256630#msg-256630
More information about the nginx
mailing list