nginx auth_basic 验证有效性设置,解决对php文件不通过验证时也要执行的问题
  • 2018-10-25发布
  • 2018-10-25修改

auth_basic

Syntax: auth_basic string off
Default: off
Context: http
server
location
limit_except
Reference: auth_basic

 


This directive includes testing name and password with HTTP Basic Authentication. The assigned parameter is used as authentication realm. A value of "off" makes it possible to override the action for the inheritable from a lower-level directive.


auth_basic_user_file

Syntax: auth_basic_user_file file
Default:
Context: http
server
location
limit_except
Reference: auth_basic_user_file

 


This directive sets the htpasswd filename for the authentication realm. Since version 0.6.7 the filename path is relative to directory of nginx configuration file nginx.conf, but not to nginx prefix directory.

The format of file is the following:

以上是官方对auth_basic生效的区域的说明,官方的配置示例为:

location  /  {
  auth_basic            "Restricted";
  auth_basic_user_file  htpasswd;}

上面的 配置有效性只在location / {} 中,当遇到location ~ \.php$ {}时,程序会继续被执行,即在不输入或输入错误用户信息时,php程序照样执行,达不到预期效果,所以应该用下面的设置方法,在server区中加入auth_basic模块:

server {
        listen       80;
        server_name  localhost;
        #charset koi8-r;
        #access_log  logs/host.access.log  main;
        auth_basic "Restricted";
        auth_basic_user_file /mydisk/conf/passwd;
        
        location / {
            root   html/public;
            index  index.html index.htm index.php;
        }
        #error_page  404              /404.html;
        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html/public;
        }
        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        location ^~ /svn/ {
            proxy_pass   http://127.0.0.1:8088;
        }
        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        location ~ \.php$ {
            root           html/public;
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            include        fastcgi_params;
        }
}