I'm trying to setup basic authentication for all of my site, but I'm getting a redirect loop when I try to enable it. Current config works, but when I add
auth_basic "Secured";
auth_basic_user_file /var/www/*****/.htpasswd;
under location / {
it redirects endlessly to mysite.com/login and fails. mysite.com/login is the login page for the script I'm using, but it is not supposed to redirect there upon visiting the homepagepage and it does not do so normally. I am not sure if something in my script is causing the redirect loop, or my nginx config but I would like to figure a way to enable basic HTTP authentication.
Any ideas would be most appreciated, thank you.
server {
server_name ***** www.*****;
# note that these lines are originally from the "location /" block
root /var/www/******/public;
location / {
try_files $uri /index.php$is_args$args;
}
location ~ ^/index\.php(/|$) {
include fastcgi.conf;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
internal;
}
location ~ \.php$ {
return 404;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/*****/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/*****/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.*****) {
return 302 https://$host$request_uri;
} # managed by Certbot
if ($host = *****) {
return 302 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name ***** www.*****;
return 404; # managed by Certbot
}