The
nginx location directive documentation suggests that regular expressions can be used - the following should be sufficient to protect the contents of directories:
Code:
# Password Protect important Directories
location ~ /(admincp/.*|modcp/.*|includes/.*|install/.*) {
auth_basic "Restricted";
auth_basic_user_file /home/username/.htpasswd/passwd;
}