Welcome! Log In Create A New Profile

Advanced

Password protect files, not just folder?

Posted by Gutspiller 
Password protect files, not just folder?
May 10, 2010 10:56PM
How do you password protect all files within a folder, and not just the folder itself?

ie: mydomain.com/admincp is protected, but if somebody goes directly to mydomain.com/admincp/index.php they can access it.

Can you tell me how I can protect all files within the folder as well?

Thank you.
Re: Password protect files, not just folder?
May 11, 2010 04:38PM
Please post your complete config file(s).

--
Jim Ohlstein
Re: Password protect files, not just folder?
May 11, 2010 10:14PM
I'm actually asking, because my host is trying to tell me that it's not possible in Nginx. I had a hard time believing that, so that's why I am here.

I don't really know how or what they are trying, but apparently they can't figure it out.

Can you give me the code that would allow it to password protect not only the folder, but the contents inside the folder as well?

Or Nginx manual page that would let them know that it certainly is possible.

I really don't like having to do the work that they are being paid for.

Thanks for any info you can give!
Re: Password protect files, not just folder?
May 13, 2010 11:19AM
It really depends on the situation.

Most of the time I've seen this issue arise is because the configuration file is improperly set up and the URI is being captured by another location block. In this case, it likely would be the "php" location block. The configuration file needs to be set up so that *all* files in the protected directory are captured by the location to be protected.

Something like:

[code]
location ^~ /protected-directory/ {
...
location ~ \.php$ {
... # fastcgi_pass or proxy_pass statements
}
}

location ~ \.php$ {
... # fastcgi_pass or proxy_pass statements
}
[/code]

In this case anything that matched the "^~" is processed in that location block, before any regular expressions are evaluated. The nested location, though not well documented, should function properly in this case. It's used so that any php scripts within the protected directory or any of it's subdirectories are processed properly.

See http://wiki.nginx.org/NginxHttpCoreModule#location for information on location blocks.

--
Jim Ohlstein
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 211
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready