Nginx password protect root, and separate password for subdirectory

Christiaan picture Christiaan · Apr 5, 2013 · Viewed 10.4k times · Source

I'm trying to set up basic HTTP authentication with Nginx that's multi-layered. I'd like to have one username & password for the entire site except for a certain subdirectory (URL), and a separate username & password for that subdirectory. If somebody navigates to that subdirectory, I want them to be prompted for the subdirectory-specific credentials only, and not the ones for the site root.

How do I set this up?

Answer

Chuan Ma picture Chuan Ma · Apr 6, 2013

Reference: http://nginx.org/en/docs/http/ngx_http_auth_basic_module.html

Assume the subdirectory url is http://www.example.com/admin/.

Step 1: create 2 files storing username/password (encrypted) pairs using htpasswd

# to secure the admin site
htpasswd -bc /tmp/admin_passwd.txt admin adminpassword
# to secure the main site
htpasswd -bc /tmp/site_passwd.txt user userpassword

Step 2: set up your nginx config:

server {
    listen                      80;
    server_name                 www.example.com;
    root        /tmp/www;

    location ^~ /admin/ {
        auth_basic           "secured site admin";
        auth_basic_user_file /tmp/admin_passwd.txt;
    }

    location / {
        auth_basic           "secured site";
        auth_basic_user_file /tmp/site_passwd.txt;
    }
}