Sometimes you may have to allow access to specific pages and directories on your website, which is otherwise password protected. So let us look at how to whitelist path in NGINX.
How to Whitelist Path in NGINX
Here are the steps to whitelist path in NGINX.
1. Open NGINX config file
Open NGINX config file in a text editor. You will typically find it at /etc/nginx/nginx.conf
$ sudo vim /etc/nginx/nginx.conf
2. Whitelist Path
Let’s say all pages on your website/portal are password protected/restricted and you want to allow access to all for specific URLs (e.g /index.php) as well as a directory (e.g /phpmyadmin/). In that case, add the following code to your config file. The idea is to deny all access and then allow access to specific URLs and directories.
upstream _php {
server unix:/var/run/php-fpm/php-fpm.sock;
}
server {
server_name example.com;
root /path/to/root;
index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# deny everything
location / { deny all; }
# allow access to /index.php
location = / { } # allow GET / to redirect to /index.php
location = /index.php { fastcgi_pass _php; }
# allow access to phpmyadmin
location /phpmyadmin/ { } # Allow access .php files in /phpmyadmin/
location ~ ^/phpmyadmin/.*\.php$ { fastcgi_pass _php; }
}
The above code will disable any authentication to the specified URLs and directories. In the above case, fastcgi_params are inherited by both location blocks (for index.php and phpmyadmin) that are passed by fastcgi_pass. You can change them as per your requirements.
3. Reload NGINX web server
Reload NGINX server to apply changes.
$ sudo service nginx reload
