Resource icon

Securing admin.php with a password - nginx


Well-known member
Robust submitted a new resource:

Securing admin.php with a password - nginx - How to secure admin.php with a password with nginx web server

This guide will explain how to protect the admin.php file using nginx. This was performed on the latest nginx mainline version at the time of publishing, 1.7.6, however it should work with anything beyond 1.2 at the very least.

1. Create a directory to store your file containing usernames and passwords. You can put this file anywhere accessible really, but I personally prefer to keep it out of the web root and put it in /etc/nginx or /home
2. Perform the following command to get the hash of...

Read more about this resource...


Active member
location = /admin.php {
auth_basic "Administrator Login";
auth_basic_user_file /etc/nginx/passwords/admin;
# Your PHP block stuff goes here

What mean this ?
I tried your code but when i call the admin.php it asks auth its okay and i enter the right infos but browser starting download the admin.php file.


Well-known member
You're not correctly using the PHP stuff. Where it says # Your PHP block stuff goes here you need to copy and paste what's in your php block.


if i add php block,the nginx error:
nginx: [emerg] location "\.php$" cannot be inside the exact location "/admin.php

so i changed to :
location ~* ^/admin\.php {
now it work fine