Basic authentication
Jim Ohlstein
jim at ohlste.in
Fri Jan 13 22:05:43 UTC 2017
Hello,
On 01/13/2017 04:42 PM, lacibaci wrote:
> I have a location that I would like to protect:
>
> location /private {
> satisfy any;
>
> allow 192.168.1.0/24;
> deny all;
>
> auth_basic "Protected";
> auth_basic_user_file conf/htpasswd;
> }
>
> This works for /private /private/ and /private/somefile.html
>
> However, when I request (GET or POST) /private/foo.php it will execute
> without auth.
>
> How can I set it up so everything under /private is protected?
>
The request is probably being handled by a different location (ie the
one that handles PHP requests).
See http://nginx.org/en/docs/http/ngx_http_core_module.html#location for
the order in which location is determined.
--
Jim Ohlstein
More information about the nginx
mailing list