开发者

Nginx - Password Protect PHP Script

开发者 https://www.devze.com 2023-01-27 11:01 出处:网络
How can I password protect a single ph php script in Nginx. I\'m using nginx as the webserver and proxying over to php-fastcgi. I can\'t get the location blocks to behave as expected.

How can I password protect a single ph php script in Nginx. I'm using nginx as the webserver and proxying over to php-fastcgi. I can't get the location blocks to behave as expected.

Here's a snippet of what I'm 开发者_如何学Gotrying.

location /admin\.php$ {
    auth_basic "Valid User Required";
    auth_basic_user_file /etc/nginx/http-auth;
}
location ~\.php$ {
    root /var/www/nginx/vhosts/site;
    include /etc/nginx/fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_pass phpfcgi;
}


First issue:

You are matching against a prefix string instead of a regular expression:

  1. The prefix string is matched literally.
  2. Even if a prefix string is matched, the search continues with the regular expression below (~\.php$). If that matches, the prefix string match is ignored.

Solution to issue #1:

Add a ~ to perform a regular expression match: ~/admin\.php$.

Second issue:

Now that your block matches, you want to pass php scripts inside it to fastcgi, otherwise they'll be served as text files, without being parsed.

Solution to issue #2:

Nest a ~\.php$ location block inside the ~/admin\.php$ location block, for the final result shown below:

location ~/admin\.php$ {
    auth_basic "Valid User Required";
    auth_basic_user_file /etc/nginx/http-auth;
    location ~\.php$ {
        root /var/www/nginx/vhosts/site;
        include /etc/nginx/fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_pass phpfcgi;
    }
}
location ~\.php$ {
    root /var/www/nginx/vhosts/site;
    include /etc/nginx/fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_pass phpfcgi;
}

Reference:

See this pertaining post, this answer on location blocks precedence, and the Nginx docs on the topic.


location /admin\.php$ {
    auth_basic "Valid User Required";
    auth_basic_user_file /etc/nginx/http-auth;
+    root /var/www/nginx/vhosts/site;
+    include /etc/nginx/fastcgi_params;
+    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+    fastcgi_pass phpfcgi;
}

May be this helps to you.

0

精彩评论

暂无评论...
验证码 换一张
取 消