Nginx probleme auth_basic
Salut à tous, j'ai un problème avec NGINX.
Je veux en effet sécuriser tout le site internet, et laisser une location accessible. Le problème est lorsque je fais annuler lors de la demande d'authentification, la page s'affiche quand même mais sans CSS, elle n'est pas accessible mais il n'y a pas l'erreur 401 qu'on a normalement lors d'un échec d'authentification.
Par exemple mon site est website.fr, il est entièrement sécurisé. Je veux rendre accessible l'URL website.fr/commande/validation/summary.
Voici ma configuration NGINX.
Code:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86
| server {
listen 80; ## listen for ipv4; this line is default and implied
server_name website.fr;
access_log /var/log/nginx/localhost.access.log;
error_log /var/log/nginx/localhost.error.log;
root /var/www/website/web;
index app_test.php
# Limitation d'accés
client_max_body_size 20M;
#Default Location
location / {
#auth_basic "protection";
#auth_basic_user_file /var/www/website/web/.htpasswd;
root /var/www/actuanimaux/web;
index app_test.php;
auth_basic "protection";
auth_basic_user_file /var/www/website/web/.htpasswd;
if (-f $request_filename) {
break;
}
rewrite "^/([a-zA-Z]{0,10})\/?media\/(tmp|user|animal|article|association|common_content|event|product)\/(.{36})\/.*_(min|moy|med|small|photo|zoom|pano)\.(.{3,4})$" /$1/media/$2/$3_$4.$5 break;
rewrite "^/([a-zA-Z]{0,10})\/?media\/(tmp|user|animal|article|association|common_content|event|product)\/(.{36})\/.*\.(.{3,4})$" /$1/media/$2/$3.$4 break;
rewrite "^/([a-zA-Z]{0,10})\/?upload\/(animal|association|ckeditor)\/(.{36})\/.*\.(.{3,4})$" /$1/upload/$2/$3.$4 break;
rewrite ^(.*)$ /app_test.php last;
}
## Images and static content is treated different
location ~* ^(media|upload)/[^/]+/[^/]+\.(jpg|jpeg|gif|css|png|js|ico|xml)$ {
access_log off;
expires 30d;
root /var/www/website/web;
}
## Parse all .php file in the /var/www directory
location ~ .php$ {
satisfy any;
#auth_basic "Authentification Required";
#auth_basic_user_file /var/www/website/web/.htpasswd;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_pass backend;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/website/web/$fastcgi_script_name;
include fastcgi_params;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_intercept_errors on;
fastcgi_ignore_client_abort off;
fastcgi_connect_timeout 60;
fastcgi_send_timeout 128;
fastcgi_read_timeout 128;
fastcgi_buffer_size 256k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
}
location = ~/commande/validation/summary {
auth_basic off;
allow all;
}
##Disable viewing .htaccess & .htpassword
location ~ /\.ht {
#deny all;
allow all;
}
upstream backend {
server 127.0.0.1:9000;
} |
En vous remerciant d'avance !
Et bonne année !!