Menu
Coming from apache2 one feature I can not achieve; require authentication only to external access but free access to users on my local network. Any ideas how to handle easily this scenario?
Any help would be appreciated.
450
Restricting Directory AccessLog in to the web server. Locate the Nginx configuration template (see "Locating the Nginx configuration file"). Add the deny directive (see "The Deny Directive") to the server block of your site's configuration. Save your changes and restart Nginx.
To perform authentication, NGINX makes an HTTP subrequest to an external server where the subrequest is verified. If the subrequest returns a 2xx response code, the access is allowed, if it returns 401 or 403 , the access is denied.
If you protected your website with nginx basic_auth , and want to disable it for just one (or maybe some specific locations), you can use basic_auth off for that location and the authorization won't be required.
auth_basic. auth_basic_user_file. The ngx_http_auth_basic_module module allows limiting access to resources by validating the user name and password using the “HTTP Basic Authentication” protocol. Access can also be limited by address, by the result of subrequest, or by JWT.
I've deleted my previous answer and would like to suggest a solution I've provided below
I did a little search and found this solution to your problem - In code, where you use auth_basic directive, make such changes:
satisfy any;
allow 10.0.0.1/8; // give access for all internal request
deny all;
auth_basic "...."; // your auth_basic code goes here
auth_basic_user_file ...; // your auth_basic_user_file goes here
How it works? satisfy directive implies that any or all from next coming access rules must be passed to give access to resource. You can find more details here: satisfy
This should fit your problem perfectly ;)
193
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
