Hi, all
I have some problem with my nginx
I just could not restrict files in certain floder, as follows, i put the
settings to nginx.conf
location ~ ^/restrict/
{
auth_basic "STATISTIC";
auth_basic_user_file /usr/local/nginx/conf/pwfornginx
}
the folder /restrict/ is restricted perfect, however, files in the
folder can still be accessed,
/restrict/somefile.php
What’s the matter? any ideas?
Thanks in advance.
Regards,
gavin
Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,68890,68890#msg-68890
Hi Gavin,
the folder /restrict/ is restricted perfect, however, files in the folder can still be accessed,
/restrict/somefile.php
What’s the matter? any ideas?
The problem is you somewhat have to rethink how NginX process the
request. read here for more details
http://nginx.org/en/docs/http/request_processing.html#simple_php_site_configuration
but to sum it up you probably have a something like
location ~ .*.php${
}
in your config which actually handles the /restrict/somefile.php instead
of
location ~ ^/restrict/ { }
there is two ways to remidy this. you can do something like
location ~ ^/restrict/.*.php$ {
#rest of auth config
}
or you can do sub-locations note this is the only instance that i have
read where it is safe to do nested locations. YMMV
location ~ ^/restrict/
{
auth_basic “STATISTIC”;
auth_basic_user_file /usr/local/nginx/conf/pwfornginx
location ~ .*.php$ {
#include your php config for processing ie proxy_pass or
fastcgi_pass
}
}
v/r,
Rob
Rob S. Wrote:
auth_basic_user_file
location ~ ^/restrict/ { }
v/r,
Rob
nginx mailing list
[email protected]
http://nginx.org/mailman/listinfo/nginx
Hi, Rob
Great thanks for your quick reply. I have tried your suggestion out, and
add the following config:
location ~ ^/restrict/
{
auth_basic "STATISTIC";
auth_basic_user_file /usr/local/nginx/conf/pwfornginx
}
location ~ ^/restrict/.*\.php$
{
auth_basic "STATISTIC";
auth_basic_user_file /usr/local/nginx/conf/pwfornginx
}
However, it is still not working. No authorization is required when I
try to get access to a certain page in the restricted folder.
V/R,
gavin
Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,68890,68944#msg-68944
Hi, Rob
Great thanks for your quick reply. I have tried your suggestion out, and
add the following config:
location ~ ^/restrict/
{
auth_basic “STATISTIC”;
auth_basic_user_file /usr/local/nginx/conf/pwfornginx
}
location ~ ^/restrict/.*.php$
{
auth_basic “STATISTIC”;
auth_basic_user_file /usr/local/nginx/conf/pwfornginx
}
However, it is still not working. No authorization is required when I
try to get access to a certain page in the restricted folder.
V/R,
gavin
Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,68890,68928#msg-68928