How to disable http basic auth in nginx for a specific ip range?

Question

I'm developing an application with facebook login. So far it's not public and is protected by http basic auth in nginx. Is it possible to disable http auth for facebook's ip range so that we can have our tester test the facebook capabilities as well? Please, include an example configuration snippet, if possible.

score 67 · Accepted Answer · answered Mar 02 '11 at 14:34

67

Use satisfy directive to allow access. 32934 is facebook autonomous system, look facebook ip.

satisfy  any;
allow 66.220.144.0/20;
allow 66.220.152.0/21;
allow ...
deny   all;

auth_basic            "closed site";
auth_basic_user_file  conf/htpasswd;

answered Mar 02 '11 at 14:34

ooshro

10,874
1
31
31

1

There's an up to date list of IP ranges here: https://developers.facebook.com/docs/ApplicationSecurity/#facebook_scraper – Kit Sunde Jan 12 '14 at 22:32
3

You may also need to set the real ip if you are behind a proxy, at the server direct i.e. `set_real_ip_from 0.0.0.0/0; real_ip_header X-Forwarded-For;` – radtek May 09 '19 at 15:13

How to disable http basic auth in nginx for a specific ip range?

1 Answers1