Reputation: 2289
Apache 2.4 and php-fpm does not trigger apache http basic auth for php pages
I am sure this is a question which has been asked somewhere, if so excuse me, but googling around did not give me anything tangible.
Here is my scenario:
I am protecting a web directory with apache http basic auth. So I have my .htaccess in the root folder and my httpd.conf is configure to override all so that it takes the .htaccess into consideration. The content of my .htaccess is as follows:
AuthType Basic
AuthName "test"
AuthUserFile /etc/httpd/.test_pass
Require valid-user
.test_pass has been set up with htpasswd successfully. When accessing the web root folder via the browser or any html file I get the authentication pop up correctly. Using the password gives me the expected access.
But when I access a php page, the authentication pop up does not appear and the php page renders.
Here is my set up:
- Apache Version: 2.4.6
- php-fpm: PHP 5.4.16 (fpm-fcgi) with Zend Engine v2.4.0
- Using proxypass from proxy_fcgi_module (shared) for the communication between apache 2.4 and php-fpm
- Also I am not using socket connections because apache 2.4.6 does not support it
- My proxypass setting is as follows and works pretty well: ProxyPassMatch ^/(..php(/.)?)$ fcgi://127.0.0.1:9000/var/www/html/$1
I need to be able to set a username/password authentication via apache basic auth which protects every files including php files in the directory.
I am using opensource softwares; therefore modifying the software codes is the very last resort.
Is there a work around/solution for php-fpm and mod_proxy_fcgi?
Thanks
Upvotes: 3
Views: 2554
Answers (1)
Reputation: 2289
After hours of research I understood that the reason that this occurs is because the ProxyPassMatch directive is the first directive to be processed, and this causes apache to ignore the other directives for the .php extensions.
To be able to use other apache directives with php-fpm via the proxy_fcgi_module one should rather use the filesmatch directive instead of proxypassmatch.
The syntax is as follows:
<FilesMatch \.php$>
SetHandler "proxy:fcgi://127.0.0.1:9000"
</FilesMatch>
Upvotes: 6
Related Questions
- Apache 2.4 + PHP-FPM and Authorization headers
- HTTP Authentication with PHP running as FCGI
- Http Basic Auth issue with Rarst/release-belt
- Basic authentication in vhost in PHP FPM
- Http Authentication with PHP not working
- basic auth does not work in apache 2.4
- Apache 2.4 .htaccess Basic auth bypass by Request_URI
- Symfony basic HTTP authentication not working
- HTTP Basic Auth runs on local but not on production environment
- http basic auth - PHP_AUTH_USER & PHP_AUTH_PW not being set