Hello all. I'm trying to configure my nginx server in what should be a pretty simple manner. It serves PHP scripts via FCGI and php-fpm. There is an /admin/ folder that I want to protect with an http username/password. That's about it.
I'm running into a problem that I just can't figure out how to solve.
If I use the config below, http auth works OK, and the following requests proceed as expected:
http://example.com/admin -> http://example.com/admin/index.php
http://example.com/admin/ -> http://example.com/admin/index.php
http://example.com/admin/page.php -> http://example.com/admin/page.php
[b]HOWEVER[/b], the php scripts located in the /admin/ folder are served as static files--that is, the raw code is served, and they don't get processed by FCGI. Scripts located in the site root are processed correctly. Here is the configuration that causes this:
[code]server {
listen 80; ## listen for ipv4
listen [::]:80 default ipv6only=on; ## listen for ipv6
server_name example.com;
server_name_in_redirect off;
root /path/to/www;
index index.php;
location ~ ^/admin{
auth_basic "Restricted area";
auth_basic_user_file /path/to/www/.htpasswd;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /path/to/www$fastcgi_script_name;
include fastcgi_params;
}
}[/code]
Now if I update the server configuration to place additional FCGI processing directives in the /admin/ location, http auth works OK, php is processed OK, [b]HOWEVER[/b] accessing the admin folder without a trailing slash gives a 404. For example:
http://example.com/admin -> 404
http://example.com/admin/ -> http://example.com/admin/index.php
http://example.com/admin/page.php -> http://example.com/admin/page.php
This is the config for this result (it's the same as above but with extra FCGI directives in the /admin/ location):
[code]server {
listen 80; ## listen for ipv4
listen [::]:80 default ipv6only=on; ## listen for ipv6
server_name example.com;
server_name_in_redirect off;
root /path/to/www;
index index.php;
location ~ ^/admin{
auth_basic "Restricted area";
auth_basic_user_file /path/to/www/.htpasswd;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /path/to/www$fastcgi_script_name;
include fastcgi_params;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /path/to/www$fastcgi_script_name;
include fastcgi_params;
}
}[/code]
My question is: What do I need to do to this config so that
1) http auth works for the /admin/ folder;
2) PHP is processed correctly for the /admin/ folder; and
3) a trailing slash is not required to access the /admin/ folder index.
This isn't a problem in Apache2, which I'm migrating from. Why am I having so much trouble with nginx?
I'm also wondering why I seem to need to copy-and-paste the PHP FCGI directives into the /admin/ location. Shouldn't they just work for all .php files? Maybe the answer to this can help guide other nginx noobs like me.
It isn't such a big deal that the trailing slash doesn't work, since I'm the only one using the admin folder. But it bothers me that I just can't understand why this is happening, and I would like it to work. Any thoughts?