Hello, On 01/13/2017 04:42 PM, lacibaci wrote:
I have a location that I would like to protect:location /private { satisfy any; allow 192.168.1.0/24; deny all; auth_basic "Protected"; auth_basic_user_file conf/htpasswd; } This works for /private /private/ and /private/somefile.html However, when I request (GET or POST) /private/foo.php it will execute without auth. How can I set it up so everything under /private is protected?
The request is probably being handled by a different location (ie the one that handles PHP requests).
See http://nginx.org/en/docs/http/ngx_http_core_module.html#location for the order in which location is determined.
-- Jim Ohlstein _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
