> > Since the rules get evaluated top to bottom and stoping at first > match
If this is true (which I don´t know - where did you get this information?) then httpd would stop at line 15 and would try to find index.html. So the request "https://domain.tld/admin/"; will try "https://domain.tld/admin/index.html"; which isn´t available. I would try the following: 1. don´t use directory { index index.html } because index.html is the default - see httpd.conf(5) 2. in your conf file: delete lines 15, 18 and 24 3. delete this: location "/admin/*" { ... } 4. add to the server block (not in location): directory { index "index.php" } (enclose string values in double quotes) 5. add the authenticate directive to the server (not the location) Something like this: server ... { listen on $ext_if tls port 443 authenticate with "..." log { ... } tls { ... } directory { index "index.php" } location "*.php" { fastcgi socket "/run/php-fpm.sock" } location "/noauth*" { no authenticate } root "..." }
