Nginx的auth_basic

Question

我對NGINX basic_auth有問題。

我想保護我所有的網站並排除一個位置。

website.fr =安全website.fr/commande/validation/summary =不安全

它有效，但是當我取消身份驗證時，顯示不帶CSS的網站。 我想要一個401錯誤驗證。

你能幫我嗎？

這是我的nginx.conf

server {
    listen   80; ## listen for ipv4; this line is default and implied
    server_name website.fr;

    access_log  /var/log/nginx/localhost.access.log;
    error_log  /var/log/nginx/localhost.error.log;

    root /var/www/website/web;
    index app_test.php
    # Limitation d'accés
    client_max_body_size 20M;
    #Default Location
    location / {
            #auth_basic "protection";
            #auth_basic_user_file /var/www/website/web/.htpasswd;
            root /var/www/actuanimau

x/web;
                index app_test.php;
                auth_basic "protection";
                auth_basic_user_file /var/www/website/web/.htpasswd;

                if (-f $request_filename) {


                break;
                }



                rewrite "^/([a-zA-Z]{0,10})\/?media\/(tmp|user|animal|article|association|common_content|event|product)\/(.{36})\/.*_(min|moy|med|small|photo|zoom|pano)\.(.{3,4})$" /$1/media/$2/$3_$4.$5 break;
                rewrite "^/([a-zA-Z]{0,10})\/?media\/(tmp|user|animal|article|association|common_content|event|product)\/(.{36})\/.*\.(.{3,4})$" /$1/media/$2/$3.$4 break;

                rewrite "^/([a-zA-Z]{0,10})\/?upload\/(animal|association|ckeditor)\/(.{36})\/.*\.(.{3,4})$" /$1/upload/$2/$3.$4 break;


                rewrite ^(.*)$ /app_test.php last;

        }

        ## Images and static content is treated different
        location ~* ^(media|upload)/[^/]+/[^/]+\.(jpg|jpeg|gif|css|png|js|ico|xml)$ {
                access_log        off;
                expires           30d;
                root /var/www/website/web;
        }

        ## Parse all .php file in the /var/www directory
        location ~ .php$ {
                satisfy any;
                #auth_basic "Authentification Required";
                #auth_basic_user_file /var/www/website/web/.htpasswd;

                fastcgi_split_path_info ^(.+\.php)(.*)$;
                fastcgi_pass   backend;
                fastcgi_index  index.php;
                fastcgi_param  SCRIPT_FILENAME  /var/www/website/web/$fastcgi_script_name;
                include fastcgi_params;
                fastcgi_param  QUERY_STRING     $query_string;
                fastcgi_param  REQUEST_METHOD   $request_method;
                fastcgi_param  CONTENT_TYPE     $content_type;
                fastcgi_param  CONTENT_LENGTH   $content_length;
                fastcgi_intercept_errors        on;
                fastcgi_ignore_client_abort     off;
                fastcgi_connect_timeout 60;
                fastcgi_send_timeout 128;
                fastcgi_read_timeout 128;
                fastcgi_buffer_size 256k;
                fastcgi_buffers 4 256k;
                fastcgi_busy_buffers_size 256k;
                fastcgi_temp_file_write_size 256k;
    }

        location = ~/commande/validation/summary {
        auth_basic off;
        allow all;
        }
        ##Disable viewing .htaccess & .htpassword
        location ~ /\.ht {
                #deny  all;
                allow all;
        }



upstream backend {
        server 127.0.0.1:9000;
}

Answer 1

您還需要在PHP的location塊內重復auth_basic指令。 他們不是“繼承”的。 Nginx 僅使用最具體的匹配。