Real-combat nginx Web user authentication

Last Update:2018-03-13 Source: Internet

Author: User

Tags curl

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

#属于apache的一个组件, if not, install with Yum

` yum install -y httpd  htpasswd` #第一需要-c创建，-m强制md5加密

New Password:
Re-type New Password:

The second time, add users do not need-C, if you use the-C will reset the file, only one record

# htpasswd -m /usr/local/nginx/conf/htpasswd gavin

New Password:
Re-type New Password:
Adding Password for user Gavin

vim /usr/local/nginx/conf/enable-php.conf        location ~ [^/]\.php(/|$)        {            try_files $uri =404;            fastcgi_pass  unix:/tmp/php-cgi-56.sock;            fastcgi_index index.php;            include fastcgi.conf;        }

* * Certification of the entire site, auth_basic before PHP interpretation

# vim /usr/local/nginx/conf/vhost/www.123.cn.conf server{    listen 80;    server_name www.123.cn;#注意下面的index.*的顺序，谁在前面，优先解析谁    index index.php index.html index.htm;    root /www/wwwroot/www.123.cn;#下面为认证配置#目录认证location  /    {        auth_basic              "Auth";        auth_basic_user_file   /usr/local/nginx/conf/htpasswd;}     include enable-php.conf;}

#因为有 include enable-php.conf; so there's no need to configure PHP-FPM separately

curl -I -xlocalhost:80 www.123.cnHTTP/1.1 401 UnauthorizedServer: nginxDate: Mon, 12 Mar 2018 15:06:50 GMTContent-Type: text/htmlContent-Length: 188Connection: keep-aliveWWW-Authenticate: Basic realm="Auth"# curl -I -xlocalhost:80 www.123.cn -ugavinEnter host password for user ‘gavin‘:HTTP/1.1 200 OKServer: nginxDate: Mon, 12 Mar 2018 15:07:22 GMTContent-Type: text/htmlContent-Length: 3703Last-Modified: Mon, 12 Mar 2018 14:53:42 GMTConnection: keep-aliveVary: Accept-EncodingETag: "5aa69476-e77"Accept-Ranges: bytes

#网站下的目录认证

[[email protected] default]# curl-i-xlocalhost:80 www.123.cnHTTP/1.1 $ OKServer:nginxDate:Mon, 2018 15:2 9:32 gmtcontent-type:text/html; Charset=utf-8connection:keep-alivevary:accept-encodingx-powered-by:php/5.6.34[[email protected] default]# Curl-i-xlocalhost:80 www.123.cn/admin/HTTP/1.1 401 UnauthorizedServer:nginxDate:Mon, Mar 2018 15:29:40 gmtcontent-t Ype:text/htmlcontent-length:188connection:keep-alivewww-authenticate:basic realm= "Auth" [[email protected] default]# curl-i-xlocalhost:80 www.123.cn/admin/index.phpHTTP/1.1 401 UnauthorizedServer:nginxDate:Mon, April 2018 16 : 09:12 gmtcontent-type:text/htmlcontent-length:188connection:keep-alivewww-authenticate:basic realm= "Auth" [[ Email protected] default]# curl-i-xlocalhost:80 www.123.cn/admin/tz.phpHTTP/1.1 401 Unauthorizedserver: Nginxdate:mon, Mar 2018 16:09:27 gmtcontent-type:text/htmlcontent-length:188connection: Keep-alivewww-authenticate:basic realm= "Auth" [[EMAIL&NBsp;protected] default]# curl-i-xlocalhost:80 www.123.cn/admin/-uaikerenter host password for user ' Aiker ': http/1.1 200 OKServer:nginxDate:Mon, 2018 15:29:49 gmtcontent-type:text/html; charset=utf-8connection:keep-alivevary:accept-encodingx-powered-by:php/5.6.34

#针对指定的文件认证访问，一定注意include enable-php.conf;必须放在localtion条件后面，否则不生效，

cat /usr/local/nginx/conf/vhost/www.123.cn.conf    server{    listen 80;    server_name www.123.cn;    index index.php index.html index.htm;    root /www/wwwroot/www.123.cn;location ~ (.*)admin.php$     {        auth_basic              "Auth";        auth_basic_user_file   /usr/local/nginx/conf/htpasswd;}    include enable-php.conf;}[[email protected] default]# curl -I -xlocalhost:80 www.123.cn/admin.php       HTTP/1.1 401 UnauthorizedServer: nginxDate: Mon, 12 Mar 2018 15:59:50 GMTContent-Type: text/htmlContent-Length: 188Connection: keep-aliveWWW-Authenticate: Basic realm="Auth"

If PHP is explained before, then the authentication will not take effect, the following example:

# vim /usr/local/nginx/conf/vhost/www.123.cn.confserver{    listen 80;    server_name www.123.cn;    index index.php index.html index.htm;    root /www/wwwroot/www.123.cn;    include enable-php.conf;location ~ (.*)admin.php$     {        auth_basic              "Auth";        auth_basic_user_file   /usr/local/nginx/conf/htpasswd;}}# curl -I -xlocalhost:80 www.123.cn/admin.php    HTTP/1.1 200 OKServer: nginxDate: Mon, 12 Mar 2018 15:55:40 GMTContent-Type: text/html; charset=utf-8Connection: keep-aliveVary: Accept-EncodingX-Powered-By: PHP/5.6.34

Real-combat nginx Web user authentication

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More