Nginx基本身份验证可在http上运行,但不能在https上运行 [英] Nginx basic auth working on http but not on https
问题描述
我在centos 6上运行nginx.该域配置为使用ssl.一些特定的文件夹需要使用密码保护.如果我使用http键入URL,则浏览器会要求输入用户名并通过.如果我使用https键入相同的URL,则将显示特定文件夹的索引文件,而不要求用户通过.
Im running nginx on centos 6. The domain is configured to use ssl. Some specific folders need to be password protected. If I type the url with http the basic the browsers asks to enter user and pass. If I type the same url with https then the index file of the specific folder will be shown without asking for user pass.
我在域特定的nginx.conf文件中有此文件:
I have this in my domain specific nginx.conf file:
location /protected_folder {
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/.htpasswd;
}
如何确保使用http和https的两个网址都受密码保护?
How can I make sure that the both urls using http and https are password protected?
推荐答案
您需要将受限制的配置放在80和443端口中:
You need to put your restricted configuration in 80 and 443 ports :
/etc/nginx/sites-available/MY_VHOST
/etc/nginx/sites-available/MY_VHOST
server
{
listen 80;
server_name YOUR.FQDN;
.....other config of vhost.....
location /protected_folder {
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/.htpasswd;
}
}
server
{
listen 443;
server_name YOUR.FQDN;
.....other config of vhost.....
location /protected_folder {
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/.htpasswd;
}
}
或者您可以将http请求重定向到https:
or you can redirect the http request to https :
server
{
listen 80;
server_name YOUR.FQDN;
return 301 https://YOUR.FQDN$request_uri;
}
server
{
listen 443;
server_name YOUR.FQDN;
.....other config of vhost.....
location /protected_folder {
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/.htpasswd;
}
}
这篇关于Nginx基本身份验证可在http上运行,但不能在https上运行的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!