Home > Software engineering >  Nginx proxy Wordpress http auth
Nginx proxy Wordpress http auth

Time:04-18

I tried to create a password on https://www.example.de/wp-admin.php & /wp-login.php, but it does not work and skip the auth part.

My config:

            server {
            set $forward_scheme https;
            listen 443 ssl http2;
            listen [::]:443 ssl http2;
            server_name www.example.de;

            # Exploit prevention
            # Error Pages
            # Assets
            include                     /etc/nginx/conf.d/exploit.conf;
            include                     /etc/nginx/conf.d/err.conf;
            #include                    /etc/nginx/conf.d/assets.conf;

            location ^~ / {
                include /etc/nginx/conf.d/proxy.conf;
                proxy_pass              https://10.10.10.6;
                client_max_body_size    100M;
                sendfile                on; 
            }

            # HTTP aut wp-login & wp-admin areas

            location ~* /(wp-login\.php) {
                auth_basic              "Authorization Required";
                auth_basic_user_file    /etc/nginx/.htpasswd;
                deny                    all;
                allow                   127.0.0.1;
                satisfy                 all;
            }

            location ~* /wp-admin/.*\.php$ {
                auth_basic              "Authorization Required";
                auth_basic_user_file    /etc/nginx/.htpasswd;
                deny                    all;
                allow                   127.0.0.1;
                satisfy                 all;
            }
            
            # Logging
            access_log                  /var/log/nginx/alllectra.access.log;
            error_log                   /var/log/nginx/alllectra.error.log;

        }

Feel free to make it better then me.

~ Thx!

CodePudding user response:

Seems to be your locations order is incorrect, try this (also minor fixes):

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name www.example.de;

    set $forward_scheme https;

    # Logging
    access_log                  /var/log/nginx/alllectra.access.log;
    error_log                   /var/log/nginx/alllectra.error.log;

    # Exploit prevention
    # Error Pages
    # Assets
    include                     /etc/nginx/conf.d/exploit.conf;
    include                     /etc/nginx/conf.d/err.conf;
    #include                    /etc/nginx/conf.d/assets.conf;

    # HTTP aut wp-login & wp-admin areas
    location ~ ^/(wp-admin|wp-login\.php) {
        satisfy                 any;

        deny                    all;
        allow                   127.0.0.1;

        auth_basic              "Authorization Required";
        auth_basic_user_file    /etc/nginx/.htpasswd;
    }

    location / {
        include /etc/nginx/conf.d/proxy.conf;
        proxy_pass              https://10.10.10.6;
        client_max_body_size    100M;
        sendfile                on; 
    }

}

CodePudding user response:

This Solution is Edited by @TexosAC and is owned by @user973254

Seems to be your location's order is incorrect, try this (also minor fixes):

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name www.example.de;

    set $forward_scheme https;

    # Logging
    access_log                  /var/log/nginx/alllectra.access.log;
    error_log                   /var/log/nginx/alllectra.error.log;

    # Exploit prevention
    # Error Pages
    # Assets
    include                     /etc/nginx/conf.d/exploit.conf;
    include                     /etc/nginx/conf.d/err.conf;
    #include                    /etc/nginx/conf.d/assets.conf;

    # HTTP aut wp-login & wp-admin areas
    location ~ ^/(wp-admin|wp-login\.php) {
        satisfy                 any;

        deny                    all;
        allow                   127.0.0.1;

        auth_basic              "Authorization Required";
        auth_basic_user_file    /etc/nginx/.htpasswd;

        include /etc/nginx/conf.d/proxy.conf;
        proxy_pass              https://10.10.10.6;
        client_max_body_size    100M;
        sendfile                on; 
    }

    location / {
        include /etc/nginx/conf.d/proxy.conf;
        proxy_pass              https://10.10.10.6;
        client_max_body_size    100M;
        sendfile                on; 
    }

}
  • Related