Hello all. I'm trying to configure my nginx server in what should be a pretty simple manner. It serves PHP scripts via FCGI and php-fpm. There is an /admin/ folder that I want to protect with an http username/password. That's about it.

I'm running into a problem that I just can't figure out how to solve.

If I use the config below, http auth works OK, and the following requests proceed as expected:

http://example.com/admin -> http://example.com/admin/index.php
http://example.com/admin/ -> http://example.com/admin/index.php
http://example.com/admin/page.php -> http://example.com/admin/page.php

[b]HOWEVER[/b], the php scripts located in the /admin/ folder are served as static files--that is, the raw code is served, and they don't get processed by FCGI. Scripts located in the site root are processed correctly. Here is the configuration that causes this:

[code]server {
listen 80; ## listen for ipv4
listen [::]:80 default ipv6only=on; ## listen for ipv6

server_name example.com;
server_name_in_redirect off;
root /path/to/www;
index index.php;

location ~ ^/admin{
auth_basic "Restricted area";
auth_basic_user_file /path/to/www/.htpasswd;
}

location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /path/to/www$fastcgi_script_name;
include fastcgi_params;
}
}[/code]



Now if I update the server configuration to place additional FCGI processing directives in the /admin/ location, http auth works OK, php is processed OK, [b]HOWEVER[/b] accessing the admin folder without a trailing slash gives a 404. For example:

http://example.com/admin -> 404
http://example.com/admin/ -> http://example.com/admin/index.php
http://example.com/admin/page.php -> http://example.com/admin/page.php

This is the config for this result (it's the same as above but with extra FCGI directives in the /admin/ location):

[code]server {
listen 80; ## listen for ipv4
listen [::]:80 default ipv6only=on; ## listen for ipv6

server_name example.com;
server_name_in_redirect off;
root /path/to/www;
index index.php;

location ~ ^/admin{
auth_basic "Restricted area";
auth_basic_user_file /path/to/www/.htpasswd;

fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /path/to/www$fastcgi_script_name;
include fastcgi_params;
}

location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /path/to/www$fastcgi_script_name;
include fastcgi_params;
}
}[/code]


My question is: What do I need to do to this config so that
1) http auth works for the /admin/ folder;
2) PHP is processed correctly for the /admin/ folder; and
3) a trailing slash is not required to access the /admin/ folder index.

This isn't a problem in Apache2, which I'm migrating from. Why am I having so much trouble with nginx?

I'm also wondering why I seem to need to copy-and-paste the PHP FCGI directives into the /admin/ location. Shouldn't they just work for all .php files? Maybe the answer to this can help guide other nginx noobs like me.

It isn't such a big deal that the trailing slash doesn't work, since I'm the only one using the admin folder. But it bothers me that I just can't understand why this is happening, and I would like it to work. Any thoughts?