Nginx auth only for given location

nginx authentication http-basic-authentication http-authentication
13,565

You just need to add another location block before the one you currently have, to match the url you want protected.

location /managers {
    auth_basic      "Administrator Login";
    auth_basic_user_file  /var/www/static/.htpasswd;
    proxy_pass          http://mywebapp_gunicorn;
    proxy_redirect      off;
    proxy_set_header    Host            $host;
    proxy_set_header    X-Real-IP       $remote_addr;
    proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
}

location / {
    proxy_pass          http://mywebapp_gunicorn;
    proxy_redirect      off;
    proxy_set_header    Host            $host;
    proxy_set_header    X-Real-IP       $remote_addr;
    proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
}

Because it's before the / one, it will be used preferentially for the path /managers .

Share:
13,565

Related videos on Youtube

YardenST
Author by

YardenST

Updated on September 18, 2022

Comments

  • YardenST
    YardenST almost 2 years

    I'm using Nginx as a reverse proxy for a python WSGI web-app.

    It looks something like that: 

    location / {
    #auth_basic     "Administrator Login";
    #auth_basic_user_file  /var/www/static/.htpasswd;
    proxy_pass          http://mywebapp_gunicorn;
    proxy_redirect      off;
    proxy_set_header    Host            $host;
    proxy_set_header    X-Real-IP       $remote_addr;
    proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
}

    Inside the web application I've got some administators pages I would like to be very protected, so now I'm using some authentication inside the web application to protect them, I would like to add Nginx auth as well.

    How to activate:

        auth_basic      "Administrator Login";
    auth_basic_user_file  /var/www/static/.htpasswd;

    For path: /managers, but not for all other URLs.

  • Michael Hampton
    Michael Hampton about 11 years
    The order in which the location blocks appear is irrelevant.
  • Danack
    Danack about 11 years
    It's not for preg block - nginx.org/en/docs/http/request_processing.html "Then nginx checks locations given by regular expression in the order listed in the configuration file." I realise that doesn't apply here, but it is nice to keep them in order.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to disable nginx basic_auth for one location but enable it for the rest of the site
service static files under nginx & HTTP-Authentication
nginx auth_basic "Restricted" prompting login on every request
Securing a Docker container with HTTP BASIC AUTH
Webmin: Cannot login through nginx reverse proxy
More Secure NGINX Authentication than auth_basic
Nginx reverse proxy - passthrough basic authenication
nginx http auth only working on folders, not on files
nginx doesn't seem to recognize "auth_pam" directive
Use NGINX for AD Authentication of both API users and Web Users