2
I am working with a control panel and need to put an authentication in the admin folder access.
I already created the user and password, the Nginx configuration this way:
server {
listen 443 ssl;
server_name localhost;
root /usr/local/pannel/www;
gzip on;
gzip_http_version 1.1;
gzip_comp_level 5;
gzip_min_length 256;
gzip_proxied any;
gzip_vary on;
gzip_types
application/atom+xml
application/javascript
application/json
application/rss+xml
application/vnd.ms-fontobject
application/x-font-ttf
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/svg+xml
image/x-icon
text/css
text/plain
text/x-component;
ssl_certificate /usr/local/svmstack/nginx/ssl/ssl.crt;
ssl_certificate_key /usr/local/svmstack/nginx/ssl/ssl.key;
ssl_session_timeout 6m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
index index.php;
include services/custom/legacy-master-before-php-location-443.conf;
location ~ \.php$ {
include services/custom/legacy-master-inside-php-location-443.conf;
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_read_timeout 3600;
fastcgi_pass unix:/usr/local/svmstack/fpm/socket/web.sock;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_param HTTPS $https;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
include services/custom/legacy-master-after-php-location-443.conf;
}
I could simply add the code below inside location, however, in that case it would request authentication for all files in the directory /usr/local/pannel/www;.
auth_basic "Restricted";
auth_basic_user_file /usr/local/pannel/htpasswd;
How can I create a new location, inside that same key server, for a specific URL, which in this case would be: /usr/local/pannel/www/admin/login.php
I need authentication only when this file is accessed (login.php).
I tried to do it that way but it didn’t work:
location /admincp {
auth_basic "Restricted";
auth_basic_user_file /usr/local/pannel/htpasswd;
}
I have temporarily removed my reply. Try it this way: https://pastebin.com/raw/N10BPTV7 (There are two links for testing)
– Valdeir Psr
I could not access the link: This page has been Removed!
– Wendler
https://pastebin.com/Y3szYSUQ
– Valdeir Psr
Tested, downloaded as well.
– Wendler
If you remove the
locationline 12 to 15 (Based on the example above), works?– Valdeir Psr
Yes, it accesses but does not request data for authentication.
– Wendler
@Valdeirpsr I managed to solve, it was necessary to inform the Nginx that the file was accessible, I did it repeating the rules of fastcgi, it was like this: https://pastebin.com/9DcHy4EM
– Wendler
If you want to post the solution, then mark as solved.
– Wendler
glad you made it. You can put it as an answer, your credit. ^^
– Valdeir Psr
Actually I do not know if I can answer my own question rs, I did not get to read the terms of the site.
– Wendler
can answer yes. https://pt.meta.stackoverflow.com/questions/422/responder-sua-pr%C3%B3pria-question
– Valdeir Psr