我有一个使用Symfony2框架编写并在Nginx服务器上运行的项目。 目标是用auth_basic保护它。
我在nginx配置文件中做了什么:
location ~ \.php(/|$) {
auth_basic 'RESTRICTED ACCESS';
auth_basic_user_file /var/www/my.passwd;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTPS off;
}
但是,当我尝试访问该页面并填写用户名和密码时,它会一次又一次地询问我。
我在页面上有一些重定向:
server {
listen 80;
server_name example.com;
rewrite ^ http://www.example.com$uri permanent;
}
server {
listen 80;
listen 443 default_server ssl;
ssl_certificate ssl2013/myssl.crt;
ssl_certificate_key ssl2013/myssl.key;
keepalive_timeout 70;
set $asset_dir /var/www/example.com/web/bundles/mdpimain;
server_name www.example.com;
root /var/www/example.com/web;
# strip app.php/ prefix if it is present
rewrite ^/app\.php/?(.*)$ /$1 permanent;
# rewrite home
rewrite ^/home/? / permanent;
# remove trailing slash
rewrite ^/(.*)/$ /$1 permanent;
# remove index.php
rewrite ^[/](.*)/index\.php$ /$1 permanent;
# sitemap redirection
rewrite ^/sitemap_(.*)$ /sitemap/$1 last;
location / {
index app.php;
if (-f $request_filename) {
break;
}
rewrite ^(.*)$ /app.php/$1 last;
}
EDIT1。
另一个细节:我使用的密码和用户都没问题,因为nginx error.log中没有日志,所以存在重定向问题。
答案 0 :(得分:1)
尝试检查$remote_user,如果为空,则返回403。
编辑这对我有用。
server {
listen 80;
server_name www.example.com;
auth_basic 'RESTRICTED ACCESS';
auth_basic_user_file /var/web/my.passwd;
set $ok "no";
if ($remote_user ~ ^$) { break; }
if ($remote_user != '') { set $ok "yes"; }
if ($ok != "yes") {
return 403;
}
# Path for static files
root /var/web/public_html;
location / {
# try to serve file directly, fallback to app.php
try_files $uri /app_dev.php$is_args$args;
}
location ~ ^/(app|app_dev|config)\.php(/|$) {
fastcgi_pass 127.0.0.1:9000;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTPS off;
}
}