I am trying to set up basic auth on a subfolder with nginx.
location ^~ /Docs/ {
auth_basic "Restricted Area";
auth_basic_user_file /var/www/Docs/.htpasswd; //also tried the path in quotes
}
I have tried numerous methods to generate a password (e.g apache's htpasswd
) but I am not able to log in at /Docs with the username and password specified in .htpasswd. I see the authentication dialog with 'Restricted Area' but the password is not accepted.
I've tried the methods here:
Turns out this was caused by a Squid caching proxy which was not passing authentication headers correctly. This was proved by running something similar to the following:
where dump.php contains
<php phpinfo();
In the case of the server behind squid, the output of that command was empty and I would expect to see mention of
_SERVER["HTTP_AUTHORIZATION"]
Have you tried using an absolute location path?
location /Docs { auth_basic "Restricted Area"; auth_basic_user_file /var/www/Docs/.htpasswd; }
If that gets you further along, you may want to either (A) move the password file outside of the web root directory, or (B) protect the password file from being served:
location ~ /\. { deny all; }
And are you sure the file you have created is readable by the user nginx is running as?