NGINX basic auth only for POST

nginx mercurial http-basic-authentication
5,829

You should use limit_except:

limit_except GET HEAD {
    auth_basic 'Restricted';
    auth_basic_user_file /path/to/userfile;
}

It works since nginx 0.8.48, in older versions there was a bug where fastcgi_pass was not inherited inside the limit_except block.

Share:
5,829
Adrian Heine
Author by

Adrian Heine

Software developer with a focus on web development. Currently into JavaScript, TypeScript, Rust and Node.js, extensive experience with PHP.

Updated on September 17, 2022

Comments

  • Adrian Heine
    Adrian Heine almost 2 years

    I'm settings up nginx to serve Mercurial repositories. It works when not using basic authentication at all, or when I use basic authentication all over.

    What I want to do is to just use basic auth on POST requests, so anyone have pull access, but only authenticated users can push.

    I tried the following,

    if ($request_method = POST) {
  auth_basic "Restricted";
  auth_basic_user_file /path/to/userfile
}

    However it complains about "auth_basic directive is not allowed here".

    How can I solve this?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Nginx reverse proxy - passthrough basic authenication
Nginx auth only for given location
How to disable nginx basic_auth for one location but enable it for the rest of the site
service static files under nginx & HTTP-Authentication
Protecting a location by IP while applying basic auth everywhere else
NGINX basic auth timeout?
Enable basic auth sitewide and disabling it for subpages?
Nginx - Forward HTTP AUTH - User
How to disable http basic auth in nginx for a specific ip range?
Dart http.MultipartRequest not sending data to Lumen after relocating server to a different apache server, Postman works fine