Password protecting Rails site running on Nginx an

2019-02-12 13:08发布

站内问答 / 前沿技术
441 3 6

I want to protect my newly deployed Rails 3 app with the basic http authentication. It's running on the latest Nginx/Passenger and I'm using the following Nginx directive to protect the web root directory:

location = / {
  auth_basic "Restricted";
  auth_basic_user_file htpasswd;
}

htpasswd file was generated using Apache htpasswd utililty. However, after entering correct username and password I'm getting transferred to the 403 Forbidden error page. Analyzing Nginx error log revealed this:

directory index of "/var/www/mysite/public/" is forbidden, client: 108.14.212.10, server: mysite.com, request: "GET / HTTP/1.1", host: "mysite.com"

Obviously, I don't want to list the contents of the mysite/public directory. How can I configure this properly so the Rails app starts after I enter my login info?

3条回答
贪生不怕死
2楼-- · 2019-02-12 13:34

You need to re-specify passenger_enabled in the location block.

查看更多
0人赞 添加讨论(0) 举报
小情绪 Triste *
3楼-- · 2019-02-12 13:37

Check your Nginx error log. 403 means that you got the path to your password file wrong.

查看更多
0人赞 添加讨论(0) 举报
贼婆χ
4楼-- · 2019-02-12 13:40

You can let Rails handle the authentication

# application_controller.rb
before_filter :authenticate

protected

def authenticate
  authenticate_or_request_with_http_basic do |username, password|
    username == "foo" && password == "bar"
  end
end

also you should set config.serve_static_assets = true in your environment.rb (or applicaion.rb in Rails 3) so that the static assets in public go through the same filter.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(6)