Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Nginx authentication except those on local network

Coming from apache2 one feature I can not achieve; require authentication only to external access but free access to users on my local network. Any ideas how to handle easily this scenario?

Any help would be appreciated.

like image 450
Stefan Avatar asked Jan 24 '13 16:01

Stefan


People also ask

How do I restrict access to nginx?

Restricting Directory AccessLog in to the web server. Locate the Nginx configuration template (see "Locating the Nginx configuration file"). Add the deny directive (see "The Deny Directive") to the server block of your site's configuration. Save your changes and restart Nginx.

How do I authenticate with nginx?

To perform authentication, NGINX makes an HTTP subrequest to an external server where the subrequest is verified. If the subrequest returns a 2xx response code, the access is allowed, if it returns 401 or 403 , the access is denied.

How do I disable nginx authentication?

If you protected your website with nginx basic_auth , and want to disable it for just one (or maybe some specific locations), you can use basic_auth off for that location and the authorization won't be required.

What is Auth_basic in nginx?

auth_basic. auth_basic_user_file. The ngx_http_auth_basic_module module allows limiting access to resources by validating the user name and password using the “HTTP Basic Authentication” protocol. Access can also be limited by address, by the result of subrequest, or by JWT.


1 Answers

I've deleted my previous answer and would like to suggest a solution I've provided below

I did a little search and found this solution to your problem - In code, where you use auth_basic directive, make such changes:

satisfy    any;
allow      10.0.0.1/8;   // give access for all internal request
deny       all;
auth_basic "....";        // your auth_basic code goes here
auth_basic_user_file ...; // your auth_basic_user_file goes here

How it works? satisfy directive implies that any or all from next coming access rules must be passed to give access to resource. You can find more details here: satisfy

This should fit your problem perfectly ;)

like image 193
Michał Kupisiński Avatar answered Nov 03 '22 02:11

Michał Kupisiński