Nginx dual user authentication:
suitable for a number of sites important pages (for example: admin page administrator login), the effect is two-factor authentication before you open an important page enter the account password to verify a user-factor authentication username and password.
Next article described above using WordPress to build personal blog site , for example to configure nginx dual user authentication
To open a personal blog site administrator login page:
modify nginx virtual host configuration file to add the current page wp-login.php dual user authentication:
[root@linux ~]# vi /etc/nginx/conf.d/default.conf
Add the following:
location ~ wp-login.php
{
auth_basic "Auth";
auth_basic_user_file /etc/nginx/user_passwd;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/www/test.blog.com$fastcgi_script_name;
include fastcgi_params;
}
And root, index entry location removed, making it a global configuration:
Due to the configuration content defines the added dual user authentication configured / etc / ngninx / user_passwd, but currently do not have this file, you need to use the htpasswd command to generate the file:
Installation package httpd-tools:
[root@linux ~]# yum -y install httpd-tools
Generate a configuration file and add user authentication:
[root@linux ~]# htpasswd -c /etc/nginx/user_passwd admin1
New password:
Re-type new password:
Adding password for user admin1
# User_passwd file and generate increased admin1 user authentication and password, -c parameters: create, for the first time to generate the authentication profile to use
New users need to authenticate using the -m parameter (MD5 encryption):
[root@linux ~]# htpasswd -m /etc/nginx/user_passwd admin2
New password:
Re-type new password:
Adding password for user admin2
View user authentication profile to see the account used for authentication added:
[root@linux ~]# cat /etc/nginx/user_passwd
admin1:$apr1$Qn57LBlw$fE4QyHrsQReHUrSvPdmxs/
admin2:$apr1$VH2Qe1nW$zn.1Hzn3QaF2RwJJDheGN.
Reload nginx:
[root@linux ~]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@linux ~]# nginx -s reload
: Open again personal blog site administrator sign-in page can display dual user authentication dialog box
to enter # after the first double administrator account password user authentication background
Nginx location优先级详解:
nginx的location配置:
nginx location语法规则:location [=|~|~*|^~|/] /uri/ { … }
nginx的location匹配的变量是$uri
符号 | 说明 |
---|---|
= | 表示精确匹配 |
^~ | 表示uri以指定字符或字符串开头 |
~ | 表示区分大小写的正则匹配 |
~* | 表示不区分大小写的正则匹配 |
/ | 通用匹配,任何请求都会匹配到 |
优先级规则:
= 高于 ^~ 高于 ~* 等于 ~ 高于 /
规则示例:
location = “/12.jpg” { … }
如:
www.test.com/12.jpg 匹配
www.test/abc/12.jpg 不匹配
location ^~ “/abc/” { … }
如:
www.test/abc/123.html 匹配
www.test.com/a/abc/123.jpg 不匹配
location ~ “png” { … }
如:
www.test.com/aaa/bbb/ccc/123.png 匹配
www.test.com/aaa/png/123.html 匹配
location ~* “png” { … }
如:
www.test.com/aaa/bbb/ccc/123.PNG 匹配
www.test.com/aaa/png/123.html 匹配
location / admin / {...}
as:
www.test.com/admin/aaa/1.php matching
www.test.com/123/admin/1.php mismatch
Comparison / and ~
Example 1:
server{
listen 80;
server_name www.test.com;
root /tmp/123.com;
location /abc/
{
echo "/";
}
location ~ 'abc'
{
echo "~";
}
}
Test Command: curl -x127.0.0.1: 80 'www.test.com/abc/1.png'
results are: -
~ ~ And Comparative *
Example 2:
server
{
listen 80;
server_name www.test.com;
root /tmp/123.com;
location ~ 'abc'
{
echo '~';
}
location ~* 'abc'
{
echo '~*';
}
}
Test Command: curl -x127.0.0.1: 80 'www.test.com/abc/123.html'
results are: -
Example 3:
server
{
listen 80;
server_name www.test.com;
root /tmp/123.com;
location ~* 'abc'
{
echo '~*';
}
location ~ 'abc'
{
echo '~';
}
}
Test Command: curl -x127.0.0.1: 80 'www.test.com/abc/123.html'
results are: * ~
Conclusion: ~ * ~ priority and in fact is the same, if two conditions are satisfied at the same time, the configuration file in which location front, which entered into force.
~ ~ ^ And Comparative
Example 4:
server
{
listen 80;
server_name www.test.com;
root /tmp/123.com;
location ~ '/abc'
{
echo '~';
}
location ^~ '/abc'
{
echo '^~';
}
}
Test Command: curl -x127.0.0.1: 80 'www.test.com/abc/123.html
result is: ^ ~
= ^ - and Comparative
Example 5:
server
{
listen 80;
server_name www.test.com;
root /tmp/123.com;
location ^~ '/abc.html'
{
echo '^~';
}
location = '/abc.html'
{
echo '=';
}
}
Test Command: curl -x127.0.0.1: 80 'www.test.com/abc.html
result: =