61711

Apache 2.4 and php-fpm does not trigger apache http basic auth for php pages

I am sure this is a question which has been asked somewhere, if so excuse me, but googling around did not give me anything tangible.

<strong>Here is my scenario:</strong>

I am protecting a web directory with apache http basic auth. So I have my .htaccess in the root folder and my httpd.conf is configure to override all so that it takes the .htaccess into consideration. The content of my .htaccess is as follows:

AuthType Basic

AuthName "test"

AuthUserFile /etc/httpd/.test_pass

Require valid-user

.test_pass has been set up with htpasswd successfully. When accessing the web root folder via the browser or any html file I get the authentication pop up correctly. Using the password gives me the expected access.

But when I access a php page, the authentication pop up does not appear and the php page renders.

Here is my set up:

    <li>Apache Version: 2.4.6 </li> <li>php-fpm: PHP 5.4.16 (fpm-fcgi) with Zend Engine v2.4.0</li> <li>Using proxypass from proxy_fcgi_module (shared) for the communication between apache 2.4 and php-fpm</li> <li>Also I am not using socket connections because apache 2.4.6 does not support it</li> <li>My proxypass setting is as follows and works pretty well: ProxyPassMatch ^/(..php(/.)?)$ fcgi://127.0.0.1:9000/var/www/html/$1</li> </ul>

    I need to be able to set a username/password authentication via apache basic auth which protects every files including php files in the directory.

    I am using opensource softwares; therefore modifying the software codes is the very last resort.

    Is there a work around/solution for php-fpm and mod_proxy_fcgi?

    Thanks

    Answer1:

    After hours of research I understood that the reason that this occurs is because the ProxyPassMatch directive is the first directive to be processed, and this causes apache to ignore the other directives for the .php extensions.

    To be able to use other apache directives with php-fpm via the proxy_fcgi_module one should rather use the filesmatch directive instead of proxypassmatch.

    The syntax is as follows:

    <FilesMatch \.php$> SetHandler "proxy:fcgi://127.0.0.1:9000" </FilesMatch>

Recommend

  • Overriding global htpasswd password protection
  • Why http authentication with htaccess get slow when password incorrect?
  • Codeigniter + GoCart CMS + Dreamhost (Shared Hosting) says “Unable to locate the model you have spec
  • How can I use .htaccess file in nginx
  • Password Authentication - Inconsistent Hashes
  • Angular: how to add a unique .htaccess file per configuration?
  • Right way to access Java Singleton private members
  • C# Application Relative Paths
  • How to prevent cross domain issues by proxying in IIS?
  • Performance difference between accessing local and class member variables
  • Access PCF DEV from external machine on same network as host
  • MAVEN : Run Multiple Maven Project using Maven Test
  • How to implement Deep Linking in Roku SG application?
  • Why must we declare a variable name when adding a method to a struct in Golang?
  • Repository Browser Only - \"Repository moved permanently to… please relocate”
  • How can I restyle a word when rendering a pdf with pdf.js?
  • what makes a request a new request in asp.net C#
  • How to programatically 'login' a user based on 'remember me' cookie when using j
  • Symfony 2. CSRF token is invalid
  • Suppressing passwd when calling sqlplus from shell script
  • Invalid object name 'dbo.Item'
  • Authentication in Play! and RestEasy
  • Jenkins: FATAL: Could not initialize class hudson.util.ProcessTree$UnixReflection
  • TextToSpeech.setEngineByPackageName() triggers NullPointerException
  • System.InvalidCastException: Specified cast is not valid
  • Unable to decode certificate at client new X509Certificate2()
  • Abort upload large uploads after reading headers
  • Read a local file using javascript
  • How to recover from a Spring Social ExpiredAuthorizationException
  • Release, debug version and Authorization Google?
  • Weird JavaScript statement, what does it mean?
  • jquery mobile loadPage not working
  • Why winpcap requires both .lib and .dll to run?
  • Run Powershell script from inside other Powershell script with dynamic redirection to file
  • Is there a mandatory requirement to switch app.yaml?
  • How to get icons for entities from eclipse?
  • Proper way to use connect-multiparty with express.js?
  • Load html files in TinyMce
  • How can I get HTML syntax highlighting in my editor for CakePHP?
  • coudnt use logback because of log4j
  • JaxB to read class hierarchy