Last active
December 12, 2015 06:09
-
-
Save jasonwbarnett/4727443 to your computer and use it in GitHub Desktop.
nginx configuration for site with auth_ldap OR allow/deny.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| listen 80; | |
| server_name accessphase.mydomain.com; | |
| rewrite ^ https://accessphase.mydomain.com$request_uri permanent; | |
| } | |
| server { | |
| listen 192.168.97.208:443; | |
| server_name accessphase.mydomain.com; | |
| root /opt/nginx/accessphase.mydomain.com/public_html; | |
| index index.html; | |
| ssl on; | |
| ssl_certificate /opt/certs/pem/mydomain.com_cert_bundle.pem; | |
| ssl_certificate_key /opt/certs/pem/mydomain.com.key; | |
| ssl_session_timeout 5m; | |
| ssl_protocols SSLv3 TLSv1; | |
| ssl_ciphers RC4:HIGH:!aNULL:+MD5:!kEDH:!AES:!EXP; | |
| ssl_prefer_server_ciphers on; | |
| ssl_session_cache shared:SSL:128m; | |
| access_log /var/log/nginx/accessphase.mydomain.com.access.log main; | |
| error_log /var/log/nginx/accessphase.mydomain.com.error.log debug; | |
| location / { | |
| try_files $uri $uri/ =404; | |
| ## ngx_http_core_module.c | |
| satisfy any; | |
| ## ngx_http_auth_ldap_moduile.c | |
| auth_ldap "auth_ldap message"; | |
| auth_ldap_require valid_user; | |
| auth_ldap_satisfy any; | |
| ## ngx_http_auth_basic_module.c | |
| #auth_basic "auth_basic message"; | |
| #auth_basic_user_file /opt/nginx/accessphase.mydomain.com/auth; | |
| ## ngx_http_access_module.c | |
| allow 10.10.10.10/32; | |
| deny all; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment