auth_basic and satisfy allowing all traffic
Francis Daly
francis at daoine.org
Sat Apr 15 08:32:34 UTC 2017
On Fri, Apr 14, 2017 at 03:26:41PM -0400, daveyfx wrote:
Hi there,
> I tested the same server configuration as your example, but the testing VM
> produced the same results. The satisfy/allow/deny directives allow
> bypassing of the basic_auth. Once those entries have been commented out,
> auth works as expected.
>
> Would there be additional steps involved in determining if this is, in fact,
> a bug?
In this case, I suggest building a reproducible test case.
Assuming that you use "default" config files, then "nginx -V" will show
information about what version you are using; "nginx -T" will show the
configuration actually being used, and provide "curl -v" or "curl -i"
commands that show the unexpected behaviour. nginx logs for the requests
should also show what source IP address nginx thinks the requests are
coming from.
Copy-paste; do not re-type. Make it so that the differences between a
working and a failing system are obvious.
Good luck with it,
f
--
Francis Daly francis at daoine.org
More information about the nginx
mailing list