Question
nginx authbasic only protects folders but not individual files
I have this in my server config
location / {
try_files $uri $uri/ =404;
auth_basic "protected site";
auth_basic_user_file /etc/nginx/.htpasswd;
}
When I call my domain or any subfolder, e.g. http://example.com/folder/ protection works fine
but when I call my domain incl. file-name, e.g. http://example.com/index.php I don’t need to enter any credentials and can just bypass authbasic.
What did I do wrong here?
Subscribe
Share
Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Sign in to AnswerThese answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Solved it.
has to be moved outside of location block and then it works for the whole site