password protect /backoffice folder in nginx

2019-07-28 07:25发布

问题:

I am trying to password protect a folder called backoffice. I would like to password protect the folder and everything below it (including PHP files).

I just can't seem to get it working in nginx.

My configuration is currently this:

server {
    listen   80;
    server_name  www.example.com;
    access_log  /var/log/nginx/localhost.access.log;
    access_log off;
    client_max_body_size 50m;

    ## Default location
    location / {
        root   /var/www/clients/client3/web21/web;
        index  index.php;
    }

    ## Images and static content is treated different
    location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|xml)$ {
      access_log        off;
      expires           30d;
      root /var/www/clients/client3/web21/web;
    }

    ## Parse all .php file in the /var/www directory
    location ~ .php$ {
        fastcgi_split_path_info ^(.+\.php)(.*)$;
        fastcgi_pass   unix:/dev/shm/fpm.sock;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  /var/www/clients/client3/web21/web$fastcgi_script_name;
        include fastcgi_params;
        fastcgi_param  QUERY_STRING     $query_string;
        fastcgi_param  REQUEST_METHOD   $request_method;
        fastcgi_param  CONTENT_TYPE     $content_type;
        fastcgi_param  CONTENT_LENGTH   $content_length;
        fastcgi_intercept_errors        on;
        fastcgi_ignore_client_abort     off;
        fastcgi_connect_timeout 30;
        fastcgi_send_timeout 30;
        fastcgi_read_timeout 30;
    }

    ## Disable viewing .htaccess & .htpassword
    location ~ /\.ht {
        deny all;
    }

    # Password Protect important Directories
    location ^~ /backoffice {
        root /var/www/clients/client3/web21/web;
        auth_basic            "Restricted";
        auth_basic_user_file   /var/www/clients/client3/web21/htpass;
    }
}

回答1:

You need to nest your php location block inside your protected directory block. Like this:

location ^~ /protected {
    auth_basic              "Restricted";
    auth_basic_user_file    /usr/local/nginx/conf/password;

    location ~ \.php$ {
        fastcgi_pass   127.0.0.1:9000;
        include        fastcgi.conf;
    }
}