Nginx configuration problem

Hello all. I'm trying to configure my nginx server in what should be a pretty simple manner. It serves PHP scripts and has an admin area that I want to protect with an http username/password.

I'm running into a problem that I just can't figure out how to solve.

  • If I use the config below, http auth works OK for the following requests:

http://myserver.com/admin -> http://myserver.com/admin/index.php

http://myserver.com/admin/ -> http://myserver.com/admin/index.php

http://myserver.com/admin/page.php -> http://myserver.com/admin/page.php

HOWEVER, the php scripts located in the /admin/ subfolder are served as static files–that is, the raw code is served, and they don't get processed by FCGI. Scripts located in the site root are processed correctly. Here is the configuration that causes this:

server {
        listen   80; ## listen for ipv4
        listen   [::]:80 default ipv6only=on; ## listen for ipv6

        server_name  myserver.com;
        server_name_in_redirect off;
        root   /path/to/www;
        index  index.php;

        location ~ ^/admin{
                auth_basic        "Restricted area";
                auth_basic_user_file    /path/to/www/.htpasswd;
        }

        location ~ \.php$ {
                fastcgi_pass   127.0.0.1:9000;
                fastcgi_index  index.php;
                fastcgi_param  SCRIPT_FILENAME  /path/to/www$fastcgi_script_name;
                include fastcgi_params;
        }
}
  • If I update the server configuration to place additional FCGI processing directives in the /admin/ location, http auth works OK, php is processed OK, HOWEVER accessing the admin folder without a trailing slash leads to a 404. For example:

http://myserver.com/admin -> 404

http://myserver.com/admin/ -> http://myserver.com/admin/index.php

http://myserver.com/admin/page.php -> http://myserver.com/admin/page.php

This is the config for this result (it's the same as above but with extra FCGI directives in the /admin location):

server {
        listen   80; ## listen for ipv4
        listen   [::]:80 default ipv6only=on; ## listen for ipv6

        server_name  myserver.com;
        server_name_in_redirect off;
        root   /path/to/www;
        index  index.php;

        location ~ ^/admin{
                auth_basic        "Restricted area";
                auth_basic_user_file    /path/to/www/.htpasswd;

                fastcgi_pass   127.0.0.1:9000;
                fastcgi_index  index.php;
                fastcgi_param  SCRIPT_FILENAME  /path/to/www$fastcgi_script_name;
                include fastcgi_params;
        }

        location ~ \.php$ {
                fastcgi_pass   127.0.0.1:9000;
                fastcgi_index  index.php;
                fastcgi_param  SCRIPT_FILENAME  /path/to/www$fastcgi_script_name;
                include fastcgi_params;
        }
}

My question is: What do I need to do to this config so that 1) http auth works for the /admin/ folder; 2) PHP is processed correctly for the /admin/ folder; and 3) a trailing slash is not required to access the /admin/ folder index. This isn't a problem in Apache. Why am I having so much trouble with nginx?

It isn't such a big deal that the trailing slash doesn't work, since I'm the only one using the admin folder. But it bothers me that I just can't understand why this is happening, and I would like it to work. Any nginx experts out there?

2 Replies

Try posting your question at the Nginx forum/mailing list at: [http://forum.nginx.org/list.php?2" target="_blank">http://forum.nginx.org/list.php?2](<URL url=)

M.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct