0

I have configured nginx to password protect a directory using auth_basic. The password prompt comes up and the login works fine.

However... if I refuse to type in my credentials, and instead hit escape multiple times in a row, the page will eventually load w/o CSS and images.

In other words, continuously telling the login prompt to go away will at some point allow the page to load anyway.

Is this an issue with nginx, or my configuration?

Here is my virtual host:

31 server { 32 server_name sub.domain.com; 33 root /www/sub.domain.com/; 34 35 location / { 36 index index.php index.html; 37 root /www/sub.domain.com; 38 auth_basic "Restricted"; 39 auth_basic_user_file /www/auth/sub.domain.com; 40 error_page 404 = /www/404.php; 41 } 42 43 location ~ \.php$ { 44 include /usr/local/nginx/conf/fastcgi_params; 45 } 46 }

My server runs CentOS + nginx + php-fpm + xcache + mysql

Improve this question

1 Answer 1

Reset to default
4

Your configuration, nginx will use only the most specific location block. So when you request a *.php file it will use the location ~ .php$ block and not see the auth basic configuration.

The reason your .css, .js etc files work is because these do not match the PHP location block

You will need to add your auth basic configuration to the php file location block as well.

Improve this answer
2
  • 1
    Or just move it to server block, not location Commented Dec 27, 2012 at 6:10
  • 1
    If you want it to block everything for that domain then yes, move it to the server block. Commented Dec 28, 2012 at 5:59

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.