我正在尝试为特定的目录( /api/ )禁用basic_auth,但仍然对我正在使用的网站的其余部分进行基本身份validation。 以下是我的nginx.conf :
server { # base settings listen 80; server_name somesite-somewhere-anywhere.com; root /var/www/wordpress; index index.php index.html index.htm; if (!-e $request_filename) { rewrite ^(.+)$ /index.php?q=$1 last; } # setup logs access_log /var/log/nginx/somesite-somewhere-anywhere.com.access.log; error_log /var/log/nginx/somesite-somewhere-anywhere.com.error.log; # setup 404 error_page 404 /404.html; location /404.html { internal; } # map 403 to 404 error_page 403 = 404; # hide wordpress details location ~ /(\.|wp-config.php|readme.html|licence.txt) { return 404; } # add trailing slash to wp-admin requests rewrite /wp-admin$ $scheme://$host$uri/ permanent; # ignore robots in logging location = /robots.txt { allow all; log_not_found off; access_log off; } # ssl redirect # setup location location / { # setup basic auth auth_basic dk; auth_basic_user_file /var/www/htpasswd; # fastcgi setup location ~* (^(?!(?:(?!(php|inc)).)*/uploads/).*?(php)) { try_files $uri = 404; fastcgi_split_path_info ^(.+.php)(.*)$; fastcgi_pass unix:/var/run/php-fpm.socket; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; fastcgi_intercept_errors on; fastcgi_ignore_client_abort off; fastcgi_connect_timeout 60; fastcgi_send_timeout 180; fastcgi_read_timeout 180; fastcgi_buffer_size 128k; fastcgi_buffers 4 256k; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; } # prevent access to hidden files location ~ /\. { deny all; access_log off; log_not_found off; } } # allow access to api without auth location /api/ { auth_basic "off" ; } }
你可以在nginx的auth基本文档中看到“auth_basic off” 是你需要的。 所以我怀疑这里还有别的事情要做 告诉我们你是如何击中url的?
也许你打了/ api没有斜线? 如果你还有问题,你可以用下面的方法来解决它:
location /api/ { satisfy any; allow all; auth_basic "dk"; auth_basic_user_file "/var/www/htpasswd"; }
这是错误的做法,但取决于在你的环境中做正确的事情的重要性,它可能是快速的(如果你有位置/inheritance指定正确)