Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

nginx: auth_basic and php

Tags:

authentication

php

nginx

i want to protect a folder of my website with a password using auth_basic. This folder contains php-scripts which should be executed if they are requested.

I tried the following:

location /admin {
  auth_basic    "Admin-Section";
  auth_basic_user_file /myfolder/.htpasswd;
 }

 location ~ ^/admin/.*\.php$ {
  auth_basic    "Admin-Section";
  auth_basic_user_file /myfolder/.htpasswd;
  fastcgi_pass 127.0.0.1:9000;
  fastcgi_index index.php;
  fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;
  include   fastcgi_params;
 }

I will be asked for username/password when requesting the php-scripts in that admin-folder, but the php-scripts will always be downloaded instead of executed via fastcgi.

What am i doing wrong?

EDIT: On my local machine everything works fine with this configuration. o0
EDIT: BTW, php is working outside the admin-folder with the same fastcgi-options.
EDIT: OMG! The site's config was stored at /etc/nginx/sites-available/mysite and /etc/nginx/sites-enabled/ contained a symlink to the mysite-file. Since some time changing the mysite-file had no effect. E.g. changing all locations to "deny all" had no effect. The files were sent without a problem.
So i removed the symlink and restarted the server. Then i created the symlink again, restarted the server and everything works as expected. Can someone explain the odd behaviour?

Gest regards,
Biggie

like image 964
Biggie Avatar asked Jan 14 '11 23:01

Biggie

1 Answers

With this configuration, nginx will only match one of the two blocks - the one with the highest precedence.

The solution is to combine the PHP block into the AUTH block. This is the approach recommended by the nginx author himself, Igor Sysoev.

location /admin/ {
  auth_basic    "Admin-Section";
  auth_basic_user_file /myfolder/.htpasswd;
  location ~ \.php$ {
   fastcgi_pass  127.0.0.1:9000;
   fastcgi_index index.php;
   fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;
   include       fastcgi_params;
  }
}

location ~ \.php$ {
  fastcgi_pass  127.0.0.1:9000;
  fastcgi_index index.php;
  fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;
  include       fastcgi_params;
}
like image 150
fisharebest Avatar answered Sep 21 '22 13:09

fisharebest
Sign in to Comment

Related questions

Is it better to handle friendly/clean/pretty URLs with mod_rewrite or a language like PHP?
Japanese Date in this format
Parsing of badly formatted HTML in PHP
pgsql.so is not loaded in PHP
How can I compare MySQL Versions in PHP?
PHP vs OO PHP - Which one to use? [closed]
Signal handling on Windows
getting json_encode to not escape html entities
Protect website from Backdoor/PHP.C99Shell aka Trojan.Script.224490
How can I use fixtures in Doctrine 2?
Current URI Segment in CodeIgniter
php mongodb : Call to undefined method MongoDB::insert() in db.php
what aspect to develop first in a website?
Login/Registration System with php and mysql
PHP: order of operators in a comparison null
Correct way of outputting a large block of HTML in PHP
How does PHP actually work? [closed]
Tips for building a site like stackoverflow
Does unsetting array values during iterating save on memory?
Netsuite: How to attach custom fields to sales orders

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!