the folder /restrict/ is restricted perfect, however, files in the folder can still be accessed,
/restrict/somefile.php
What’s the matter? any ideas?
The problem is you somewhat have to rethink how NginX process the
request. read here for more details http://nginx.org/en/docs/http/request_processing.html#simple_php_site_configuration
but to sum it up you probably have a something like
location ~ .*.php${
}
in your config which actually handles the /restrict/somefile.php instead
of
location ~ ^/restrict/ { }
there is two ways to remidy this. you can do something like
location ~ ^/restrict/.*.php$ { #rest of auth config
}
or you can do sub-locations note this is the only instance that i have
read where it is safe to do nested locations. YMMV
location ~ ^/restrict/
{
auth_basic “STATISTIC”;
auth_basic_user_file /usr/local/nginx/conf/pwfornginx
location ~ .*.php$ { #include your php config for processing ie proxy_pass or
fastcgi_pass
}
}
Great thanks for your quick reply. I have tried your suggestion out, and
add the following config:
location ~ ^/restrict/
{
auth_basic “STATISTIC”;
auth_basic_user_file /usr/local/nginx/conf/pwfornginx
}
location ~ ^/restrict/.*.php$
{
auth_basic “STATISTIC”;
auth_basic_user_file /usr/local/nginx/conf/pwfornginx
}
However, it is still not working. No authorization is required when I
try to get access to a certain page in the restricted folder.
V/R,
gavin
Posted at Nginx Forum:
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.