Hello all. I'm trying to configure my nginx server in what should be a pretty simple manner. It serves PHP scripts and has an admin area that I want to protect with an http username/password.

I'm running into a problem that I just can't figure out how to solve.

* If I use the config below, http auth works OK for the following requests:

http://myserver.com/admin -> http://myserver.com/admin/index.php
http://myserver.com/admin/ -> http://myserver.com/admin/index.php
http://myserver.com/admin/page.php -> http://myserver.com/admin/page.php

HOWEVER, the php scripts located in the /admin/ subfolder are served as static files--that is, the raw code is served, and they don't get processed by FCGI. Scripts located in the site root are processed correctly. Here is the configuration that causes this:

server {
        listen   80; ## listen for ipv4
        listen   [::]:80 default ipv6only=on; ## listen for ipv6

        server_name  myserver.com;
        server_name_in_redirect off;
        root   /path/to/www;
        index  index.php;

        location ~ ^/admin{
                auth_basic      "Restricted area";
                auth_basic_user_file   /path/to/www/.htpasswd;
        }

        location ~ \.php$ {
                fastcgi_pass   127.0.0.1:9000;
                fastcgi_index  index.php;
                fastcgi_param  SCRIPT_FILENAME  /path/to/www$fastcgi_script_name;
                include fastcgi_params;
        }
}

* If I update the server configuration to place additional FCGI processing directives in the /admin/ location, http auth works OK, php is processed OK, HOWEVER accessing the admin folder without a trailing slash leads to a 404. For example:

http://myserver.com/admin -> 404
http://myserver.com/admin/ -> http://myserver.com/admin/index.php
http://myserver.com/admin/page.php -> http://myserver.com/admin/page.php

This is the config for this result (it's the same as above but with extra FCGI directives in the /admin location):

server {
        listen   80; ## listen for ipv4
        listen   [::]:80 default ipv6only=on; ## listen for ipv6

        server_name  myserver.com;
        server_name_in_redirect off;
        root   /path/to/www;
        index  index.php;

        location ~ ^/admin{
                auth_basic      "Restricted area";
                auth_basic_user_file   /path/to/www/.htpasswd;

                fastcgi_pass   127.0.0.1:9000;
                fastcgi_index  index.php;
                fastcgi_param  SCRIPT_FILENAME  /path/to/www$fastcgi_script_name;
                include fastcgi_params;
        }

        location ~ \.php$ {
                fastcgi_pass   127.0.0.1:9000;
                fastcgi_index  index.php;
                fastcgi_param  SCRIPT_FILENAME  /path/to/www$fastcgi_script_name;
                include fastcgi_params;
        }
}

My question is: What do I need to do to this config so that 1) http auth works for the /admin/ folder; 2) PHP is processed correctly for the /admin/ folder; and 3) a trailing slash is not required to access the /admin/ folder index. This isn't a problem in Apache. Why am I having so much trouble with nginx?

It isn't such a big deal that the trailing slash doesn't work, since I'm the only one using the admin folder. But it bothers me that I just can't understand why this is happening, and I would like it to work. Any nginx experts out there?

Try posting your question at the Nginx forum/mailing list at: [url]http://forum.nginx.org/list.php?2[/url]

M.

OK- I'll try that then.