Hello,

I still have some issue with this configuration. I restricted access to admin back end:

location /administrator {
auth_basic "Authorized Access Only!";
auth_basic_user_file .userdb;
}

- however when I add index.php file to the URl (mydomain.com/administrator/index.php) the nginx just allow me to access this part of the website without authentication.
I modified above configuration to:

location ^~ /administrator {
auth_basic "Authorized Access Only!";
auth_basic_user_file .userdb;
}

- then even if I append index.php it's still ask me for login credentials but when I logged in the web browser is trying to download a file instead of opening the website.

Can someone point me to the right direction please as this problem persist even with the nginx default config files/configuration examples.