Menu
I have setup my Nginx server to have authentication for everything, but I want to exclude all the files under /var/www/html/t/sms/plivo for password authentication. I have tried using different paths but it always asks for a password when I try to access a file under /var/www/html/t/sms/plivo from my browser.
Below is my /etc/nginx/sites-available/default file
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name _;
auth_basic "Private Property";
auth_basic_user_file /etc/nginx/.htpasswd;
#no password for the plivo folder so we can recieve messages!
location = /t/sms/plivo/ {
auth_basic off;
allow all; # Allow all to see content
}
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
location ~ /\.ht {
deny all;
}
}
864
The location = syntax matches one URI and not all of the URIs under it. Also, you should use the ^~ modifier to prevent the regular expression location blocks from interfering. See this document for the rules regarding the evaluation order for location blocks.
If you have any PHP files under /t/sms/plivo/ you will need to add a nested location block to handle those.
For example:
location ^~ /t/sms/plivo/ {
auth_basic off;
allow all; # Allow all to see content
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
}
That location ~ \.php$ block is in addition to the block already in your configuration with the same name. And, you probably do not need the allow all statement, unless you have some deny rules that I cannot see.
172
hope it will help anyone - we have to skip auth for ALL uri's under the url, so
location ^~ /some/location/to_skip/ {
auth_basic off;
try_files $uri $uri/ /index.html;
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
