Deny access to directory, allow access to files NGINX

Question

I’m trying to put my directories behind a htpasswd file, but allow any user to access the files in said directory.

So far I have this


location ~ ^/files\/.*(?=\.)$  {
  auth_basic            "Restricted";
  auth_basic_user_file  /media/sdh1/home/qwertyspace/www/qwertyspace.zeus/public_html/files/.htpasswd;
  autoindex on;
}

#allow retrieval of any individual image via URL without auth
location ~* \..*$ {
  autoindex off;
}

Based off this: https://serverfault.com/questions/574348/how-can-i-password-protect-a-directory-with-nginx-but-not-the-files-within-the

But it still asks for a password when trying to download a file.

alexdo · Answer

Hello, @QwertySpace

I’ve noticed that another community user have asked the same question and he was able to achieve this in this posted question:

https://www.digitalocean.com/community/questions/how-to-restrict-multiple-directories-with-nginx-but-still-access-files

In my case, I wanted to restricted people from wondering around my server just by typing the www.exemple.com/test1/test2 and be able to see what is inside it without specifying the direct link to it example: www.exemple.com/test1/test2/image1.png

There is a command also that is important that sets a priority of file searching;

location / { try_files $uri $uri/ =404; }

This command means it will try to access the file 1st then the folder then give you an error 404 if nothing works. More info: http://stackoverflow.com/questions/17798457/how-can-i-make-this-try-files-directive-work

Hope this helps.

Regards, Alex

alexdo · Answer

Hello, @QwertySpace

You should be able to set this using:

auth_basic "Admin Access";

instead of:

auth_basic "Restricted";
location ~* \..*$ {
autoindex off;

Hope this helps,

Let me know how it goes.

Regards, Alex

Related Questions

Question

Deny access to directory, allow access to files NGINX

Popular Topics

Questions