<div>Hello list</div><div><br></div><div>I am new to nginx. I put it into production a couple of weeks ago, and I have been very pleased with its efficiency and stability. But I have been wondering about an aspect of the location directive. The only previous discussion I have found of this went dead without resolution (<a href="http://forum.nginx.org/read.php?2,4225">http://forum.nginx.org/read.php?2,4225</a>)</div>
<div><br></div><div>By way of illustration, this motif was my first attempt at a configuration, and I suspect -- assuming I am not unusually dense -- that others coming from Apache will have tried it too: </div><div><br></div>
<div>server {</div><div> listen 80;</div><div> root /www/;</div><div><br></div><div><span class="Apple-tab-span" style="white-space:pre">        </span>location ~ \.php$ {</div><div> fastcgi_pass unix:php.sock;</div>
<div><span class="Apple-tab-span" style="white-space:pre">        </span>}</div><div><br></div><div> location ~* \.(ico|flv|swf|jpg|jpeg|png|gif|js|css|wav)$ {</div><div> expires max;</div><div> }</div>
<div><br></div><div> location /secrets/ {</div><div> auth_basic "Restricted";</div><div> auth_basic_user_file /path/to/.htpasswd;</div><div> }</div><div><br></div><div>
location /local-secrets/ {</div><div> allow 127.0.0.1;</div><div> deny all;</div><div> }</div><div>}</div><div><br></div><div>...and I'm aware that it's dangerously wrong. Compounding this is the fact that it looks - to me at least - intuitively correct. Perhaps I expected the location parser to be more promiscuous. The second problem is my solution: </div>
<div><br></div><div>server {</div><div> listen 80;</div><div> root /www/;</div><div><br></div><div><span class="Apple-tab-span" style="white-space:pre">        </span>location ~ \.php$ {</div><div>
fastcgi_pass unix:php.sock;</div><div><span class="Apple-tab-span" style="white-space:pre">        </span>}</div><div><br></div><div> location ~* \.(ico|flv|swf|jpg|jpeg|png|gif|js|css|wav)$ {</div><div>
expires max;</div><div> }</div><div><br></div><div> location ^~ /secrets/ {</div><div> auth_basic "Restricted";</div><div> auth_basic_user_file /path/to/.htpasswd;</div>
<div><span class="Apple-tab-span" style="white-space:pre">        </span> location ~ \.php$ {</div><div> fastcgi_pass unix:php.sock;</div><div><span class="Apple-tab-span" style="white-space:pre">        </span> }</div>
<div> location ~* \.(ico|flv|swf|jpg|jpeg|png|gif|js|css|wav)$ {</div><div> expires max;</div><div> }</div><div> }</div><div><br></div><div> location ^~ /local-secrets/ {</div>
<div> allow 127.0.0.1;</div><div> deny all;</div><div><span class="Apple-tab-span" style="white-space:pre">        </span> location ~ \.php$ {</div><div> fastcgi_pass unix:php.sock;</div><div>
<span class="Apple-tab-span" style="white-space:pre">        </span> }</div><div> location ~* \.(ico|flv|swf|jpg|jpeg|png|gif|js|css|wav)$ {</div><div> expires max;</div><div> }</div><div> }</div>
<div>}</div><div><br></div><div>...which is unwieldy, at the least. Is it correct? Is it optimal? Is it wise to nest these locations? (Would it get more bloated not to?)</div><div><br></div><div>My main question is -- assuming that the answers to the above are yes -- is there a configuration available or planned that's as simple as this:</div>
<div><br></div><div>server {</div><div> listen 80;</div><div> root /www/;</div><div><br></div><div><span class="Apple-tab-span" style="white-space:pre">        </span><b>location continue</b> ~ \.php$ {</div>
<div> fastcgi_pass unix:php.sock;</div><div><span class="Apple-tab-span" style="white-space:pre">        </span>}</div><div><br></div><div> <b>location continue</b> ~* \.(ico|flv|swf|jpg|jpeg|png|gif|js|css|wav)$ {</div>
<div> expires max;</div><div> }</div><div><br></div><div> location /public-secrets/ {</div><div> auth_basic "Restricted";</div><div> auth_basic_user_file /path/to/.htpasswd;</div>
<div> }</div><div><br></div><div> location /private-secrets/ {</div><div> allow 127.0.0.1;</div><div> deny all;</div><div> }</div><div>}</div><div><br></div><div>By "location continue" I mean the parser to continue matching (sibling) locations after a positive match on those expressions. The order of matching would be the same. Is this / will this be possible? </div>
<div><br></div><div><br></div><div>Thomas</div><div><br></div><div><br></div>