0

I'm working with a control panel, and I need to put an authentication in admin access.

I already created the user and password, the configuration of nginx this way:

server {
listen 443 ssl;
server_name localhost;
root /usr/local/pannel/www;

gzip on;
gzip_http_version  1.1;
gzip_comp_level    5;
gzip_min_length    256;
gzip_proxied       any;
gzip_vary          on;

gzip_types
  application/atom+xml
  application/javascript
  application/json
  application/rss+xml
  application/vnd.ms-fontobject
  application/x-font-ttf
  application/x-web-app-manifest+json
  application/xhtml+xml
  application/xml
  font/opentype
  image/svg+xml
  image/x-icon
  text/css
  text/plain
  text/x-component;

ssl_certificate     /usr/local/svmstack/nginx/ssl/ssl.crt;
ssl_certificate_key /usr/local/svmstack/nginx/ssl/ssl.key;
ssl_session_timeout 6m;
ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers         HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;

index index.php;

include services/custom/legacy-master-before-php-location-443.conf;

location ~ \.php$ {
    include services/custom/legacy-master-inside-php-location-443.conf;
    try_files $uri =404;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_read_timeout 3600;
    fastcgi_pass unix:/usr/local/svmstack/fpm/socket/web.sock;
    fastcgi_index index.php;
    include fastcgi.conf;
    fastcgi_param HTTPS $https;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
include services/custom/legacy-master-after-php-location-443.conf;
}

I could simply add the code below into location, however in that case it would request authentication for all files in the /usr/local/pannel/www; folder.

auth_basic "Restricted";
auth_basic_user_file /usr/local/pannel/htpasswd;

How can I create a new location, within the same key, for a specific URL, in which case the file is located at: /usr/local/pannel/www/admin/login.php

I need authentication to be requested only when this file is accessed (login.php).

Clebson
  • 113
  • 1
  • 6

1 Answers1

0

Define a location which requires authentication

location /admin/login.php {
  auth_basic "Restricted";
  auth_basic_user_file /usr/local/pannel/htpasswd;

  # anything else required
}
Tim
  • 30,383
  • 6
  • 47
  • 77
  • I tried to do it that way but it did not work. I've tried it too, see: https://pastebin.com/Y3szYSUQ, It asks for authentication, but when accessing the file it downloads rather than accesses. – Clebson Jun 18 '18 at 23:44
  • You need to tell Nginx to execute the PHP, default is to download the script. Copy fastcgi statements and such from the block above. I deliberately didn't use ~ in my example for location block matching, that's regular expression match, I wanted exact match based on what you've said. Read up [here](https://www.digitalocean.com/community/tutorials/understanding-nginx-server-and-location-block-selection-algorithms). – Tim Jun 18 '18 at 23:47
  • Do you speak to do it here? https://pastebin.com/AZc0p6fE – Clebson Jun 19 '18 at 00:13
  • Yes that kind of thing. You'll have to experiment a bit to get it working properly. – Tim Jun 19 '18 at 01:01
  • I tried, it did not work. Actually I've tried it in many ways. :/ – Clebson Jun 19 '18 at 01:25
  • Can you explain more briefly why the `~` was used? I did a test here now, and it looks like it worked with him. – Clebson Jun 19 '18 at 01:29
  • Here's how it went: https://pastebin.com/9DcHy4EM – Clebson Jun 19 '18 at 01:35
  • I use this technique on my own Nginx server, though I don't serve PHP. If you need more help you'll have to wait for someone else to take the time to give you an exact Nginx configuration, or pay a consultant to help you. – Tim Jun 19 '18 at 01:35