nginx能否通過基本身份驗證來保護uri（在重寫前）？

Question

從apache遷移時，nginx出現問題。

所有的uris都被重寫到/index.php，並且^/admin uri應該被基本的auth保護。

與Apache的時候，我將其配置如下：

RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME} !-d 
RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME} !-f 
RewriteRule ^(.*)$ /index.php [L] 

<Location ~ "^/admin"> 
    AuthType Basic 
    AuthName "Restricted" 
    AuthUserFile /etc/apache2/httpd.passwd 
    Require valid-user 
</Location> 

這是nginx的配置，但它不工作：

if (!-f $request_filename) { 
    rewrite^/index.php last; 
} 

location ~ \.php$ { 
    include fastcgi.conf; 
    fastcgi_pass 127.0.0.1:9000; 
    fastcgi_index index.php; 
} 

location ~* /admin/ { 
    auth_basic "admin login"; 
    auth_basic_user_file /etc/nginx/httpd.passwd; 
} 

我怎麼能做到這一點的nginx的？

Answer 1

翻譯apache配置很少是1：1轉換成nginx指令。重寫階段在訪問階段之前執行，並且在選擇位置之前執行服務器級重寫指令，因此即使在考慮管理位置之前也會運行if/rewrite。我會建議這樣的事情：

server { 
    # general FCP try_files 
    location/{ 
    try_files $uri $uri/ /index.php; 
    } 

    # capture everything starting with /admin/, don't let regex locations override 
    location ^~ /admin/ { 
    auth_basic "admin login"; 
    auth_basic_user_file /etc/nginx/httpd.passwd; 

    # should this /index.php be /admin/index.php, or does it go through 
    # the normal front controller? 
    try_files $uri $uri/ /index.php; 

    # handle /admin/*.php requests in here so they're protected by auth_basic 
    location ~ \.php$ { 
     include fastcgi.conf; 
     fastcgi_pass 127.0.0.1:9000; 
    } 
    } 

    # handle php files 
    location ~ \.php$ { 
    include fastcgi.conf; 
    fastcgi_pass 127.0.0.1:9000; 
    } 
}