Using nginx: require authentication when request from public IP, not needed when local

Question

I wrote a simple file browser app which is served using node on port 3000. I use nginx as a front-end which proxies this service. This is on my home server.

I would like to be able to require basic HTTP authentication when I'm accessing it over my public IP, but not when I'm at home. I have this configuration:

location /files {
  satisfy any;
  allow 10.1.0.0/24;
  deny all;
  auth_basic "Authentication Required";
  auth_basic_user_file /etc/access_list;
  proxy_pass http://127.0.0.1:3000/;
}

However, this isn't working. When I'm on my home network on the same subnet, it is still requiring me to do the basic HTTP authentication. I had thought the order "allow > deny > auth" paired with "satisfy any" is correct. Am I doing anything wrong here? Is this possible?

Did you make sure you're accessing it via internal IP? What does your `access_log` say? — etagenklo, May 27 '13 at 17:10
Access log is showing I'm requesting from 10.1.1.157, the IP of my notebook. — NMS, May 28 '13 at 01:25
Ok, this is stupid. The second line should read 10.1.1.0/24. — NMS, May 28 '13 at 01:29

score 0 · Answer 1 · edited Dec 08 '16 at 18:54

0

There is typo in above config. The connection is from 10.1.1.157, but the configuration file just allows from 10.1.0.0/24.

The fix is simple: Change the problematic line to the following one:

allow 10.1.1.0/24;

edited Dec 08 '16 at 18:54

apaderno

123
9

answered Dec 15 '14 at 22:37

masegaloeh

17,978
9
56
104

Using nginx: require authentication when request from public IP, not needed when local

1 Answers1

Linked