Nginx Basic Auth处理目录,但不处理文件

时间:2015-12-30 11:08:02

标签: authentication nginx basic-authentication

我刚刚开始研究nginx,在使用apache多年后切换到它。目前,我正在尝试使用HTTP Basic Auth。有了配置,如果我转到https://www.website.com/doe,我会在Chrome中获得一个基本身份验证对话框。但是 - 如果我尝试去域https://www.website.com/doe/importanttext.csv - 它不会要求auth,而只是下载文件。如何完整地保护文件夹 - 包含所有内容?

由于

server {
[SSL and Server Stuff]

    location ^~ /doe/ {
            auth_basic "Admin Access";
            auth_basic_user_file  /var/www/doe/.htpasswd;
    }


    location / {
            try_files $uri $uri/ =404;
    }

    location ~ \.php$ {
            try_files $uri = 404;
            fastcgi_pass unix:/var/run/php5-fpm.sock;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            include fastcgi_params;
    }

    location ~ /\.ht {
            deny all;
    }

}

1 个答案:

答案 0 :(得分:0)

我发现了我的错误,我正在使用

auth_basic "Admin Access";

但是,要保护文件夹中的文件,需要

auth_basic "Restricted";

如果找到匹配的匹配项,Nginx将停止查找位置匹配,然后仅在此路径中导航。因此,如果我还想在受保护的子文件夹中使用php和.ht保护,我还需要在那里包含这些指令 - 如下所示。

server {
[SSL and Server Stuff]

location ^~ /doe/ {
        auth_basic "Admin Access";
        auth_basic_user_file  /var/www/doe/.htpasswd;

location ~ \.php$ {
        try_files $uri = 404;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
}

location ~ /\.ht {
        deny all;
}
}


location / {
        try_files $uri $uri/ =404;
}

location ~ \.php$ {
        try_files $uri = 404;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
}

location ~ /\.ht {
        deny all;
}

}