Enable Nginx authentication for a specific URL

1

I'm working with a control panel and need to put an authentication in the access to the admin folder.

I already created the user and password, the configuration of nginx this way:

server {
listen 443 ssl;
server_name localhost;
root /usr/local/pannel/www;

gzip on;
gzip_http_version  1.1;
gzip_comp_level    5;
gzip_min_length    256;
gzip_proxied       any;
gzip_vary          on;

gzip_types
  application/atom+xml
  application/javascript
  application/json
  application/rss+xml
  application/vnd.ms-fontobject
  application/x-font-ttf
  application/x-web-app-manifest+json
  application/xhtml+xml
  application/xml
  font/opentype
  image/svg+xml
  image/x-icon
  text/css
  text/plain
  text/x-component;

ssl_certificate     /usr/local/svmstack/nginx/ssl/ssl.crt;
ssl_certificate_key /usr/local/svmstack/nginx/ssl/ssl.key;
ssl_session_timeout 6m;
ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers         HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;

index index.php;

include services/custom/legacy-master-before-php-location-443.conf;

location ~ \.php$ {
    include services/custom/legacy-master-inside-php-location-443.conf;
    try_files $uri =404;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_read_timeout 3600;
    fastcgi_pass unix:/usr/local/svmstack/fpm/socket/web.sock;
    fastcgi_index index.php;
    include fastcgi.conf;
    fastcgi_param HTTPS $https;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
include services/custom/legacy-master-after-php-location-443.conf;
}

I could simply add the code below within location , however, in that case, it would request authentication for all the files in the / usr / local / pannel / www directory.

auth_basic "Restricted";
auth_basic_user_file /usr/local/pannel/htpasswd;

How can I create a new location , within the same server key, for a specific URL, which would in this case be: /usr/local/pannel/www/admin/login.php

I need authentication only when this file is accessed (login.php).

I tried to do this but it did not work:

location /admincp {
        auth_basic "Restricted";
        auth_basic_user_file /usr/local/pannel/htpasswd;
}
    
asked by anonymous 18.06.2018 / 15:10

1 answer

0

I was able to find the solution with a friend of mine, it was like this:

location ~ /admin/login.php {
    include services/custom/legacy-master-inside-php-location-443.conf;
    try_files $uri =404;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_read_timeout 3600;
    fastcgi_pass unix:/usr/local/svmstack/fpm/socket/web.sock;
    fastcgi_index index.php;
    include fastcgi.conf;
    fastcgi_param HTTPS $https;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    auth_basic "Restricted";
    auth_basic_user_file /usr/local/pannel/htpasswd;
}

location ~ \.php$ {
    include services/custom/legacy-master-inside-php-location-443.conf;
    try_files $uri =404;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_read_timeout 3600;
    fastcgi_pass unix:/usr/local/svmstack/fpm/socket/web.sock;
    fastcgi_index index.php;
    include fastcgi.conf;
    fastcgi_param HTTPS $https;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
    
19.06.2018 / 19:38