nginx auth_basic 验证有效性设置,解决对php文件不通过验证时也要执行的问题
冉丰茂
auth_basic
| Syntax: | auth_basic string | off |
| Default: | off |
| Context: | http server location limit_except |
| Reference: | auth_basic |
This directive includes testing name and password with HTTP Basic Authentication. The assigned parameter is used as authentication realm. A value of "off" makes it possible to override the action for the inheritable from a lower-level directive.
auth_basic_user_file
| Syntax: | auth_basic_user_file file |
| Default: | |
| Context: | http server location limit_except |
| Reference: | auth_basic_user_file |
This directive sets the htpasswd filename for the authentication realm. Since version 0.6.7 the filename path is relative to directory of nginx configuration file nginx.conf, but not to nginx prefix directory.
The format of file is the following:
以上是官方对auth_basic生效的区域的说明,官方的配置示例为:
location / { auth_basic "Restricted"; auth_basic_user_file htpasswd; }
上面的 配置有效性只在location / {} 中,当遇到
location ~ \.php$ {}时,程序会继续被执行,即在不输入或输入错误用户信息时,php程序照样执行,达不到预期效果,所以应该用下面的设置方法,在server区中加入auth_basic模块:
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
auth_basic "Restricted";
auth_basic_user_file /mydisk/conf/passwd;
location / {
root html/public;
index index.html index.htm index.php;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html/public;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
location ^~ /svn/ {
proxy_pass http://127.0.0.1:8088;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
root html/public;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
类似资料: