Hi,
For the following httpd setup, cgi scripts give a 403 Page not found
on browser. However after removing the line:
location "/*" {
authenticate "Staff Only" with "/htpasswds"
}
cgi scripts run fine but no authentication for document root of course.
Please explain the situation.
.......................................................................................................................
# $OpenBSD: httpd.conf,v 1.18 2018/03/23 11:36:41 florian Exp $
server "xyz.co.ke" {
listen on * port 80
listen on :: port 80
location "/.well-known/acme-challenge/*" {
root "/acme"
root strip 2
}
location * {
block return 302 "https://$HTTP_HOST$REQUEST_URI";
}
}
server "xyz.co.ke" {
listen on * tls port 443
listen on :: tls port 443
hsts
tls {
certificate "/etc/ssl/xyz.co.ke.fullchain.pem"
key "/etc/ssl/private/xyz.co.ke.key"
}
location "/.well-known/acme-challenge/*" {
root "/acme"
root strip 2
}
root "/xyz.co.ke"
location "/*" {
authenticate "Staff Only" with "/htpasswds"
}
location "/public/*" {
directory auto index
}
location "/xyz/*" {
root "/"
fastcgi
authenticate "Staff Only" with "/htpasswds"
}
}
..............................................................................................................
Thank you,
Regards
Kihaguru.
