To my knowledge Nginx can only password protect directories from within the configuration file(s). That works nicely, but is not a real option for end-users who A) can not edit the configs and B) would break the configs if they could
Right now I am thinking about a webbased representation of the directory structure where they can point and click - rewriting the configs and re-kill-HUP-ing Nginx... But somehow the whole idea feels like I am about to rewrite cPanel v0.0.1 ;-)
Anybody here had the same problem and came up with an elegant and maintainable solution? I have full control over the server.
Thanks!
You don't really want users to change the configs, do you? For password-protection, a htpasswd-file is sufficient, if the realm always stays the same. And nginx itself can check for a file existense. So, this is what could do the job:
location ~ ^/([^/]*)/(.*) {
if (-f $document_root/$1/.htpasswd) {
error_page 599 = @auth;
return 599;
}
}
location @auth {
auth_basic "Password-protected";
auth_basic_user_file $document_root/$1/.htpasswd;
}
Works for me with nginx-0.7.65. 0.6.x and earlier releases are probably no-go