I have a problem with NGINX basic_auth.
I want to secure all my website and exclude one location.
website.fr = secure website.fr/commande/validation/summary = unsecure
It works but when i cancel authentification, display website without CSS. I want to have a 401 error authentification required.
Can you help me please?
Here my nginx.conf
server {
listen 80; ## listen for ipv4; this line is default and implied
server_name website.fr;
access_log /var/log/nginx/localhost.access.log;
error_log /var/log/nginx/localhost.error.log;
root /var/www/website/web;
index app_test.php
# Limitation d'accés
client_max_body_size 20M;
#Default Location
location / {
#auth_basic "protection";
#auth_basic_user_file /var/www/website/web/.htpasswd;
root /var/www/actuanimau
x/web;
index app_test.php;
auth_basic "protection";
auth_basic_user_file /var/www/website/web/.htpasswd;
if (-f $request_filename) {
break;
}
rewrite "^/([a-zA-Z]{0,10})\/?media\/(tmp|user|animal|article|association|common_content|event|product)\/(.{36})\/.*_(min|moy|med|small|photo|zoom|pano)\.(.{3,4})$" /$1/media/$2/$3_$4.$5 break;
rewrite "^/([a-zA-Z]{0,10})\/?media\/(tmp|user|animal|article|association|common_content|event|product)\/(.{36})\/.*\.(.{3,4})$" /$1/media/$2/$3.$4 break;
rewrite "^/([a-zA-Z]{0,10})\/?upload\/(animal|association|ckeditor)\/(.{36})\/.*\.(.{3,4})$" /$1/upload/$2/$3.$4 break;
rewrite ^(.*)$ /app_test.php last;
}
## Images and static content is treated different
location ~* ^(media|upload)/[^/]+/[^/]+\.(jpg|jpeg|gif|css|png|js|ico|xml)$ {
access_log off;
expires 30d;
root /var/www/website/web;
}
## Parse all .php file in the /var/www directory
location ~ .php$ {
satisfy any;
#auth_basic "Authentification Required";
#auth_basic_user_file /var/www/website/web/.htpasswd;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_pass backend;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/website/web/$fastcgi_script_name;
include fastcgi_params;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_intercept_errors on;
fastcgi_ignore_client_abort off;
fastcgi_connect_timeout 60;
fastcgi_send_timeout 128;
fastcgi_read_timeout 128;
fastcgi_buffer_size 256k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
}
location = ~/commande/validation/summary {
auth_basic off;
allow all;
}
##Disable viewing .htaccess & .htpassword
location ~ /\.ht {
#deny all;
allow all;
}
upstream backend {
server 127.0.0.1:9000;
}
You will need to repeat the auth_basic
directives inside the location
block for your PHP, too. They are not "inherited". Nginx uses only the most specific match.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.