Password Protect in NGINX

webwizzy · #1 (**permalink**) 03-08-2009, 05:14 AM

Hello,

I have a problem with the below code, searched a lot, tried a lot of alternatives, but just cannot get it to work.

Code:

# Password Protect important Directories
location ~ /(admincp/|modcp/|includes/|install/) {
auth_basic            "Restricted";
auth_basic_user_file   /home/username/.htpasswd/passwd;
}

The above code works good enough and protects the 4 directories as desired. BUT it does not protect admincp/index.php OR any other file (in any of the folders) if directly opened. For example:-

/admincp -> Is protected
/admincp/ -> Is protected
/admincp/index.php -> Is not protected

What should I do?

Thanks

webwizzy · #2 (**permalink**) 03-09-2009, 06:16 PM

For the above problem, the password rules when moved above FastCGI rules, solves the problem.

DanL@VPSLink · #3 (**permalink**) 03-09-2009, 07:09 PM

The nginx location directive documentation suggests that regular expressions can be used - the following should be sufficient to protect the contents of directories:

Code:

# Password Protect important Directories
location ~ /(admincp/.*|modcp/.*|includes/.*|install/.*) {
auth_basic            "Restricted";
auth_basic_user_file   /home/username/.htpasswd/passwd;
}

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode