Hey folks, Nginx noob here. I also posted here with no luck yet:
http://forum.piwik.org/read.php?2,123492
I have Piwik setup and running on a Nginx webserver that I protected with
HTTP basic authentication, as seen below.
location /analytics {
alias /var/www/piwik/;
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/pass;
try_files $uri $uri/ /index.php;
}
location ~ ^/analytics(.+\.php)$ {
alias /var/www/piwik$1;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
I have it protected, but it's prompting to login on every page, due to the
piwik.php and piwik.js files (necessary for analytics) being in my protected
directory. This is described on Piwik's website, below.
"If you use HTTP Authentication (Basic or Digest) on your Piwik files, you
should exclude piwik.php and piwik.js from this authentication, or visitors
on your website would be prompted with the authentication popup."
My question is: what kind of Nginx rule can I use to protect all files in
that directory, besides those two? Is it possible to do a negative regex
match on a location block?
Any help would be appreciated!
Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,256585,256585#msg-256585
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
