I am trying to secure couple of locations using the basic HTTP authentication that comes with Nginx, but for some reason it won't work.
I have:
website.com/admin (This is accesible by user ADMIN) website.com/admin/secret.php (This is accessible only by user SECRET)
I used to have it working in Lighttpd:
"/admin/secret.php" => (
"method" => "basic",
"realm" => "Server Administrator",
"require" => "user=SECRET"
),
"/admin" => (
"method" => "basic",
"realm" => "Administrators",
"require" => "user=ADMIN"
)
Any ideas how this can be converted to Nginx. I've tried with the following, but only ADMIN will ask for password:
location /admin/secret.php {
auth_basic "Restricted";
auth_basic_user_file /home/passwords/SECRET;
try_files $uri = 404;
fastcgi_pass localhost:9000;
}
location ^~ /admin/.+\.php$ {
auth_basic "Restricted";
auth_basic_user_file /home/passwords/ADMIN;
try_files $uri = 404;
fastcgi_pass localhost:9000;
}