This article describes how to configure Nginx server Detailed added authentication password for the site or directory, use the Apache's htpasswd tool, a friend in need can refer to
nginx can even set specific file or directory password authentication for the site. The password must be encrypted with crypt. You can use the apache htpasswd to create a password.
The format is:
-b -c site_pass username password htpasswd
site_pass for the password file. In the same case nginx configuration files in the same directory, but you can also put other directory, it is necessary to specify the address, absolute or relative to the current directory in nginx configuration file.
If you do not find the command prompt enter htpasswd command, you need to install the httpd. If centos may perform it is to install,
yum install httpd
If you do not want to install httpd, you can use the perl script to implement (code is as follows :)
! # / Usr / bin / perl -w #filename: add_ftp_user.pl use strict; # print "#example: user: passwd \ n"; while (<STDIN>) {exit if ($ _ = ~ / ^ \ n /); chomp; (my $ user, my $ pass) = split /: /, $ _, 2; my $ crypt = crypt $ pass, '$ 1 $' gensalt (8); print "$ user:. $ crypt \ n ";} sub gensalt { my $ count = shift; my @salt = (, '/', 0 .. 9, 'A' .. 'Z', 'a' .. 'z' '.') ; my $ s; $ s = $ salt [rand @salt] for (1 .. $ count); return $ s;}.
script executable permission given:
the chmod + X O add_user.pl
script to use:
./add_user.pluser:password
paste the generated user name and password to / usr / local / nginx / conf / vhost / nginx_passwd file to
If the certification is to add to the site, you can write directly to the certification statement in the configuration section of the nginx server.
If the certification is to add to the directory, it needs to be written in the form of a catalog. At the same time, plus execute php in the catalog, or php it will be downloaded rather than executed.
For example: based on certification of the entire site, auth_basic before php explanation.
server {listen 80; server_name www.iis7.com jb51.net ; root /www/jb51.net; index index.html index.htm index.php; auth_basic "input you user name and password"; auth_basic_user_file / usr / local / nginx / conf / vhost / nginx_passwd; location ~ .php $ {fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi_params;} location ~ /\.ht {deny all;} access_log /logs/jb51.net_access.log main;}
for certification directory, in a separate location, and a location nested php explanation in this location, otherwise not execute php file and will be downloaded. After the nested auth_basic location.
server {listen 80; server_name www.iis7.com jb51.net ; root /www/jb51.net; index index.html index.htm index.php; location ~ ^ / admin /.* {location ~ \ .php $ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi_params ;} auth_basic "auth"; auth_basic_user_file /usr/http://www.bbqmw.net/qm_yeqm/ baby name / local / nginx / conf / vhost / auth / admin.pass;} location ~ .php $ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi_params;} location ~ /\.ht {deny all;} access_log /logs/jb51.net_access.log main;}
there is a detail, that location ~ ^ / admin /.* {... } protect all files in the admin directory. If you only set the / admin / less direct input /admin/index.php can still access and run. ^ / admin /.* intended for the protection of all files in the directory. Of course, only one certification. And not every request or a request for each file to be certified it.