I tried to create a password on https://www.example.de/wp-admin.php & /wp-login.php, but it does not work and skips the auth part.
My config:
server {
    set $forward_scheme https;
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name www.example.de;
    # Exploit prevention
    # Error Pages
    # Assets
    include /etc/nginx/conf.d/exploit.conf;
    include /etc/nginx/conf.d/err.conf;
    #include /etc/nginx/conf.d/assets.conf;
    location ^~ / {
        include /etc/nginx/conf.d/proxy.conf;
        proxy_pass https://10.10.10.6;
        client_max_body_size 100M;
        sendfile on;
    }
    # HTTP auth for wp-login & wp-admin areas
    location ~* /(wp-login\.php) {
        auth_basic "Authorization Required";
        auth_basic_user_file /etc/nginx/.htpasswd;
        deny all;
        allow 127.0.0.1;
        satisfy all;
    }
    location ~* /wp-admin/.*\.php$ {
        auth_basic "Authorization Required";
        auth_basic_user_file /etc/nginx/.htpasswd;
        deny all;
        allow 127.0.0.1;
        satisfy all;
    }
    # Logging
    access_log /var/log/nginx/alllectra.access.log;
    error_log /var/log/nginx/alllectra.error.log;
}
Feel free to make it better than me.
~ Thx!
CodePudding user response:
It seems the order of your locations is incorrect; try this (also minor fixes):
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name www.example.de;
    set $forward_scheme https;
    # Logging
    access_log /var/log/nginx/alllectra.access.log;
    error_log /var/log/nginx/alllectra.error.log;
    # Exploit prevention
    # Error Pages
    # Assets
    include /etc/nginx/conf.d/exploit.conf;
    include /etc/nginx/conf.d/err.conf;
    #include /etc/nginx/conf.d/assets.conf;
    # HTTP auth for wp-login & wp-admin areas
    location ~ ^/(wp-admin|wp-login\.php) {
        # satisfy any: pass if the client IP is allowed OR basic auth succeeds
        satisfy any;
        # allow/deny are checked in order and the first match wins,
        # so allow must come before "deny all" or it is never reached
        allow 127.0.0.1;
        deny all;
        auth_basic "Authorization Required";
        auth_basic_user_file /etc/nginx/.htpasswd;
    }
    location / {
        include /etc/nginx/conf.d/proxy.conf;
        proxy_pass https://10.10.10.6;
        client_max_body_size 100M;
        sendfile on;
    }
}
CodePudding user response:
This solution is edited by @TexosAC and is owned by @user973254
It seems the order of your locations is incorrect; try this (also minor fixes):
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name www.example.de;
    set $forward_scheme https;
    # Logging
    access_log /var/log/nginx/alllectra.access.log;
    error_log /var/log/nginx/alllectra.error.log;
    # Exploit prevention
    # Error Pages
    # Assets
    include /etc/nginx/conf.d/exploit.conf;
    include /etc/nginx/conf.d/err.conf;
    #include /etc/nginx/conf.d/assets.conf;
    # HTTP auth for wp-login & wp-admin areas
    location ~ ^/(wp-admin|wp-login\.php) {
        # satisfy any: pass if the client IP is allowed OR basic auth succeeds
        satisfy any;
        # allow/deny are checked in order and the first match wins,
        # so allow must come before "deny all" or it is never reached
        allow 127.0.0.1;
        deny all;
        auth_basic "Authorization Required";
        auth_basic_user_file /etc/nginx/.htpasswd;
        # the protected location still has to proxy to the backend itself
        include /etc/nginx/conf.d/proxy.conf;
        proxy_pass https://10.10.10.6;
        client_max_body_size 100M;
        sendfile on;
    }
    location / {
        include /etc/nginx/conf.d/proxy.conf;
        proxy_pass https://10.10.10.6;
        client_max_body_size 100M;
        sendfile on;
    }
}
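Why the question's config skipped the auth step and the configs in the answers do not, shown with a small Python model of nginx's location selection. This is an added example, not code from the posts; the helper names are made up here, and the model covers only the `=`, prefix, `^~`, `~` and `~*` rules applied to the URI path.

```python
import re

def select_location(locations, uri):
    """Simplified model of nginx location selection within one server block.

    locations: list of (modifier, pattern) in config order; modifier is one of
    "", "=", "^~", "~", "~*". Returns the (modifier, pattern) that handles uri.
    """
    best = None  # longest matching prefix location seen so far
    for mod, pat in locations:
        if mod == "=" and uri == pat:
            return (mod, pat)              # exact match wins immediately
        if mod in ("", "^~") and uri.startswith(pat):
            if best is None or len(pat) > len(best[1]):
                best = (mod, pat)
    # "^~" on the longest prefix match means regex locations are never checked
    if best is not None and best[0] == "^~":
        return best
    for mod, pat in locations:             # regexes are tried in config order
        if mod in ("~", "~*"):
            flags = re.IGNORECASE if mod == "~*" else 0
            if re.search(pat, uri, flags):
                return (mod, pat)
    return best                            # otherwise the longest prefix (or None)

# Locations copied from the question's config, in the order written there
QUESTION = [
    ("^~", "/"),
    ("~*", r"/(wp-login\.php)"),
    ("~*", r"/wp-admin/.*\.php$"),
]
# Locations copied from the answers' config
ANSWER = [
    ("~", r"^/(wp-admin|wp-login\.php)"),
    ("", "/"),
]

def is_protected(locations, uri):
    """True if the request lands in a regex (auth_basic) location, not in '/'."""
    chosen = select_location(locations, uri)
    return chosen is not None and chosen[0] in ("~", "~*")

if __name__ == "__main__":
    for uri in ("/wp-login.php", "/wp-admin/index.php", "/wp-admin/", "/index.php"):
        print(uri, "| question:", select_location(QUESTION, uri),
              "| answer:", select_location(ANSWER, uri))
```

In the question's config every request stops at `location ^~ /`, so the two `auth_basic` locations are never evaluated; with a plain `location /` the regex location is consulted first and the login and admin paths hit the auth block.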