This is my basic configuration for a wordpress site.
server {
root /var/www/site;
listen *****;
server_name *****;
include basics.conf;
}
As soon as I add the location section to restrict the access to WP login, the wp-login.php file is send to the browser instead being executed as php. I have
server {
root /var/www/site;
listen *****;
server_name *****;
include basics.conf;
location ^~ /wp-login.php {
auth_basic "Restricted Area";
auth_basic_user_file /etc/nginx/.htpasswd;
}
}
I've tried copying what I have in my basics.conf after the auth_ settings but it didn't made it work either. My location / is also configured in my basics.conf because I use it for all php sites.
server {
root /var/www/site;
listen *****;
server_name *****;
include basics.conf;
location ^~ /wp-login.php {
auth_basic "Restricted Area";
auth_basic_user_file /etc/nginx/.htpasswd;
index index.html index.htm index.php;
allow all;
if (-f $request_filename) {
break;
}
if (!-f $request_filename) {
rewrite ^/(.+)$ /index.php last;
break;
}
}
}
This is my basics.conf
location / {
index index.html index.htm index.php;
allow all;
if (-f $request_filename) {
break;
}
if (!-f $request_filename) {
rewrite ^/(.+)$ /index.php last;
break;
}
}
include php-fastcgi.conf;
This is my php-fastcgi.conf
location ~ \.php$ {
try_files $uri =404;
fastcgi_intercept_errors on;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
So how can I get my login protected by auth while keep it being parsed as php instead of being send to the browser?
