我在我的域的子文件夹中运行WordPress,以便在VPS LEMP堆栈上进行testing和开发。 为了使用etxra层对wp-login.php进行密码保护,我对wp-admin文件夹使用了HTTP身份validation。
问题是,http身份validation被忽略。 当wp-login.php或wp-admin -folder被调用时,它会直接进入正常的WordPresslogin。
我以如下方式从命令行安装了所有东西:
sudo apt-get install apache2-utils sudo htpasswd -c /var/www/bitmall/wp-admin/.htpasswd exampleuser New password: Re-type new password: Adding password for user exampleuser
我的Nginxconfiguration文件如下所示:
server { listen 80; root /var/www; index index.php index.html index.htm; server_name example.com; location / { try_files $uri $uri/ /index.html; } location /bitmall/wp-admin/ { auth_basic "Restricted Section"; auth_basic_user_file /var/www/bitmall/wp-admin/.htpasswd; } location ~ /\.ht { deny all; } error_page 404 /404.html; error_page 500 502 503 504 /50x.html; location = /50x.html { root /var/www; } # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 location ~ \.php$ { try_files $uri =404; fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } }
我将不胜感激你。
尝试:
location ^~ /bitmall/wp-login.php { auth_basic "Restricted Section"; auth_basic_user_file /var/www/bitmall/wp-admin/.htpasswd; }