Ensiferous Wrote:
-------------------------------------------------------
> The right way is to add the auth basic directives
> to the PHP location as nginx will only ever
> execute one location. So in your pasted config, if
> nginx gets a request for
> /passwordprotected/index.php then it won't be
> protected.

Thanks,

how can i add them to the same direction? I don't want to protect all files, ionly files in the specific folder.
Something like that don't work:

server {
root /foo/;
...
location ~ \.php$ {
fastcgi_pass foo;
include fastcgi_parms;

location ^~ /passwordprotected {
auth_basic "foo";
auth_basic_user_file foo;
}

}

}



Thanks