My understanding is that
location /admin {
auth_basic "Administrator Login";
auth_basic_user_file /path/to/.htpasswd
}
with .htpasswd created via htpasswd -c ... and the path to it being absolute should protect access to the /admin folder and everything within it. What I find, is that when I browse to
http://example.com/admin I am prompted for the admin password. However, if I browse to http://example.com/readme.txt Nginx happily shows me the contents of readme.txt. I am using Nginx 1.6.2 on Ubuntu 14.10 x64. Is this a bug or have I got my understanding of Nginx wrong? I'd much appreciate any help.
location /admin {
auth_basic "Administrator Login";
auth_basic_user_file /path/to/.htpasswd
}
with .htpasswd created via htpasswd -c ... and the path to it being absolute should protect access to the /admin folder and everything within it. What I find, is that when I browse to
http://example.com/admin I am prompted for the admin password. However, if I browse to http://example.com/readme.txt Nginx happily shows me the contents of readme.txt. I am using Nginx 1.6.2 on Ubuntu 14.10 x64. Is this a bug or have I got my understanding of Nginx wrong? I'd much appreciate any help.