PHP not processing if within a basic auth'd directory

Discussion in 'General' started by jbd123, Jul 18, 2012.

  1. jbd123

    jbd123 New Member

    Hi folks

    Slight issue with basic auth + PHP in a domain set up in ISPConfig

    Web Server: Nginx 1.2
    PHP : PHP-FPM, latest.

    Standard setup for this configuration - the file is created by ISPConfig:

    cat /etc/nginx/sites-enabled/

            location ~ \.php$ {
                try_files $uri =404;
                include /etc/nginx/fastcgi_params;
                fastcgi_pass unix:/var/lib/php5-fpm/web1.sock;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_param PATH_INFO $fastcgi_script_name;
                fastcgi_intercept_errors on;
            location ^~ /protected/ {
                    auth_basic "Members Only";
                    auth_basic_user_file /path/to/.htpasswd;

    If I wget the a PHP file in /protected using the --http-user / -S etc config flags, the file downloads as Content-Type: application/octet-stream


    wget -S --http-user=user --http-password=password

    ..Content-Type: application/octet-stream

    If I remove the basic auth (the config '/protected'), the file correctly gets passed to the backend PHP socket.

    From the looks of it, there is a bug in the configuration written by ISPConfig. Nginx says:

    "If this match used the "^~" prefix, searching stops."

    Meaning that /protected is handled once but the php location config is not handled as the /protected location matches first (it's not matched in config file order).

    I removed the "^~" and reload nginx manually, and the setup works. Of course, this will be overwritten when the domain config is changed.

    Does this look like a bug ?

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    As far as I know, this has been reported already to the bugtracker an is fixed in svn.

Share This Page