Welcome! Log In Create A New Profile

Advanced

Re: no basic auth from outside network

Previous Message Next Message
Forum List Message List New Topic Print View
rattus
May 20, 2012 06:58PM
After further testing, it's not the basic auth that's causing the problem... it's simply trying to access subdirectories from outside. Makes me thing I've messed something up in my nginx.conf:


worker_processes 1;
events {
worker_connections 64;
}
http {
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:AES128-SHA;
ssl_prefer_server_ciphers on;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_session_timeout 5m;

## Timeouts
keepalive_timeout 300 300;

## General Options
charset utf-8;
default_type application/octet-stream;
ignore_invalid_headers on;
types {
text/html html;
image/gif gif;
image/jpeg jpg;
}
keepalive_requests 20;
max_ranges 0;
recursive_error_pages on;
sendfile on;
server_tokens off;
source_charset utf-8;

## Request limits
limit_req_zone $binary_remote_addr zone=fred:1m rate=60r/m;

## Compression
gzip on;
gzip_static on;
gzip_vary on;

## Log Format
log_format main '$remote_addr $host $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" $ssl_cipher $request_time';

## http .:. redirect to https
server {
access_log /var/log/nginx/access.log main buffer=32k;
error_log /var/log/nginx/error.log error;
expires 0;
limit_req zone=fred burst=200 nodelay;
listen 80;
root /var/empty;
rewrite ^ https://192.168.1.100$request_uri permanent;
}

## https .:. (www.)example.com
server {
add_header Cache-Control "public";
add_header Strict-Transport-Security "max-age=315360000; includeSubdomains";
access_log /var/log/nginx/access.log main buffer=32k;
error_log /var/log/nginx/error.log error;
expires max;
index index.html;
limit_req zone=fred burst=200 nodelay;
listen 443;
root /var/www/htdocs;
server_name 192.168.1.100;

## Basic auth on test
location / {
}

location ^~ /test/ {
index index.html;
auth_basic "Admin Login";
auth_basic_user_file .htpasswd;
}

#!!! IMPORTANT !!! We need to hide the password file from prying eyes
# This will deny access to any hidden file (beginning with a .period)
location ~ /\. { deny all; }

## SSL Certs
ssl on;
ssl_session_cache shared:SSL:10m;
ssl_certificate /home/root/ssl/test.crt;
ssl_certificate_key /home/root/ssl/test.key;
ssl_ecdh_curve secp521r1;

## Stop Image and Document Hijacking
location ~* (\.jpg|\.gif|\.png|example\.css)$ {
if ($http_referer !~ ^(https://192.168.1.100) ) {
return 404;
}
}

## All other errors get the generic error page
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
location /example_error_page.html {
internal;
}
}
}

...again, it just hangs accessing subdirectories like "test", while everything works well from within the local network. The www root directory index.html serves up fine, even redirected to 443.

TIA,

Mike
Reply Quote
RSS
Subject Author Posted

no basic auth from outside network

rattus May 20, 2012 06:31PM

Re: no basic auth from outside network

rattus May 20, 2012 06:58PM

Re: no basic auth from outside network

Steve May 20, 2012 09:32PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 311
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready