All server authorization using the auth_basic directive, except for one ip?

V

VA2020-02-14 18:29:28

Nginx

VA, 2020-02-14 18:29:28

Hello everyone I
just recently started learning Nginx

Tell me how to make everyone require prior authorization using the auth_basic directive,
except for clients with a specific ip (for example 11.22.33.44)

This is how I wanted to do it,
I will store logins and passwords in /etc/nginx/passwrds;

if ($remote_addr != 11.22.33.44) {
                auth_basic "Oops(";
                auth_basic_user_file /etc/nginx/passwrds; 
            }

but as you can see, this is a wrong work with the nginx syntax

, here is the site config itself

site.conf

server {
        listen 80;
        server_name _;

        server_tokens off;
        proxy_set_header X-Forwarded-For $remote_addr;

location / {

            allow 11.22.33.44;
            deny  all;

            proxy_pass         http://127.0.0.1:8000;
            proxy_set_header   Host $host;
            proxy_set_header   X-Real-IP $remote_addr;
            proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header   X-Forwarded-Host $server_name;
            proxy_read_timeout  1200s;

            # used for view/edit office file via Office Online Server
            client_max_body_size 0;

            access_log      /var/log/nginx/ access.log;
            error_log       /var/log/nginx/ error.log;
        }

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

V

vreitech, 2020-02-14
@Ozymandis

...
location / {
            satisfy any;
            allow 11.22.33.44;
            allow 22.33.44.55;
            deny  all;
            auth_basic "Oops(";
            auth_basic_user_file /etc/nginx/passwrds; 

            proxy_pass         http://127.0.0.1:8000;
...