Password protection and fastcgi

Hello,

i have a problem with a password protected folder and fastcgi php:
server {
root /foo/;

location ~ .php$ {
fastcgi_pass foo;
include fastcgi_parms;
}
location ^~ /passwordprotected {
auth_basic “foo”;
auth_basic_user_file foo;
}
}

The protection works fine, but php don’t work. Then i added the
fastcgi_pass part to my new location, but then images will be parsed
too.

What’s the right way to protect folders?

Thanks

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,220335,220335#msg-220335

The right way is to add the auth basic directives to the PHP location as
nginx will only ever execute one location. So in your pasted config, if
nginx gets a request for /passwordprotected/index.php then it won’t be
protected.

Of course, if you only want PHP files in that directory to be protected
then you need a 2nd PHP location.

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,220335,220336#msg-220336

Ensiferous Wrote:

The right way is to add the auth basic directives
to the PHP location as nginx will only ever
execute one location. So in your pasted config, if
nginx gets a request for
/passwordprotected/index.php then it won’t be
protected.

Thanks,

how can i add them to the same direction? I don’t want to protect all
files, ionly files in the specific folder.
Something like that don’t work:

server {
root /foo/;

location ~ .php$ {
fastcgi_pass foo;
include fastcgi_parms;

location ^~ /passwordprotected {
auth_basic “foo”;
auth_basic_user_file foo;
}

}

}

Thanks

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,220335,220357#msg-220357

On Wednesday 21 December 2011 17:47:43 Veerle wrote:

Thanks,
include fastcgi_parms;

location ^~ /passwordprotected {
auth_basic “foo”;
auth_basic_user_file foo;
}

}

}

location ^~ /passwordprotected {
auth_basic “foo”;
auth_basic_user_file foo;

  location ~ \.php$ {
      fastcgi_pass foo;
      include fastcgi_parms;
  }

}

wbr, Valentin V. Bartenev

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs