basic auth

Bypass Basic Auth for Localhost on Nginx

Submitted by tomo on October 1, 2012 - 12:45am

During development sometimes I hide a server behind a shared password for http basic auth, based on an Apache configuration (if you still want to use .htpasswd but don't have Apache and htpasswd installed you can still generate the password entries using openssl). nginx can use the same format of .htpasswd files by using the HttpAuthBasicModule. But sometimes I need a service to crawl pages on the server (for example Drupal's linkchecker module). And sometimes storing the basic auth login and password in a script isn't wanted or advisable. Instead we can configure nginx to skip authentication when connecting from localhost/127.0.0.1.

Open up your nginx configuration which already contains your auth_basic directives. Assuming you are running a PHP site and you have a "location ~ \.php$" block, make it look more like this:

location ~ \.php$ {
  satisfy any;
  allow 127.0.0.1;
  deny all;
 
  auth_basic            "Restricted";
  auth_basic_user_file  /yoursite/path/.htpasswd;
}

Remember that the order of the allow/deny directives matters. More on the nginx_http_access_module module.

Syndicate content
© 2010-2014 Saigonist.