NGINX auth_basic is giving me a '404 not found' message ...

Posted May 31, 2016 8.2k views

I just followed the tutorial for installing and securing PHPmyadmin with Nginx on ubuntu (

Everything went well until I wanted to implement the authentication gate. I keep getting a 404 not found message, while I can’t find anything wrong with what I did (I hope I’m wrong though).

*I have virtual hosts setup as follows : *


In this setup I have made the DEFAULT and inside /var/www/ I have create a symlink for Phpmyadmin with :** sudo ln -s /usr/share/phpmyadmin /var/www/**

*The default ( serverblock looks like this : *

server {
listen 80 defaultserver;
listen [::]:80 default
server ipv6only=on;

    root /var/www/;
    index index.php index.html index.htm;


    # Make site accessible from http://localhost/
    server_name localhost;

    location / {
            # First attempt to serve request as file, then
            # as directory, then fall back to displaying a 404.
            try_files $uri $uri/ =404;
            # Uncomment to enable naxsi on this location
            # include /etc/nginx/naxsi.rules

    #error_page 404 /404.html;
    error_page 401 403 404 /404.html;
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
            root /usr/share/nginx/html;

 location /phpmyadmin {
        auth_basic "Admin Login";
        auth_basic_user_file /etc/nginx/pma_pass;

    location ~ \.php$ {
            try_files $uri =404;
            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            fastcgi_pass unix:/var/run/php5-fpm.sock;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            include fastcgi_params;


I have gone over this thing I don’t know how many times. I’ve even tried it in the original Nginx webroot. I’ve tried truning of Fail2ban and putting all jails as FALSE and nothing seems to stop the 404 not found message. The only thing that works is taking out the location directive and thus the gateway authentication.

Well, that’s about it … I hope someone can help me with this …
Thanks in advance ..

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
2 answers

For anyone who has this problem after following the : tutorial, keep in mind the following.

The problem seems to be in the line : error_page 401 403 404 /404.html;

When I take away the 401 out of the line, then the basic auth works fine …

by Toli
Nginx is a very secure and reliable web server even with a default setup. However, there are many ways to secure Nginx further. In this article, we will use open source software exclusively while trying to follow some popular web server hardening approaches and security standards. Namely, we'll be talking about preventing information disclosure, enforcing encryption, performing audits, and limiting access.
  • Absolutely right. Thanks !

    This make sense because 401 is the code for “Authorization Required”.

    Exactly what we are trying to do now. Removing it fixes the conflict of 401 being treated as 404.

Thanks a lot for this one. It was a nightmare I could not solve.