Ah! Thanks, jggimi. I thought the preceding
fastcgi directive would cover this
location too.
I'm making progress. The following now returns an
"Access denied."
Code:
location "/app*" {
root "/app"
authenticate itac with "/file"
fastcgi socket "/run/php-fpm.sock"
directory index index.php
}
The
authenticate dialog box appears, but after entering credentials I'm presented with the
"Access denied." screen. The only error in
/var/www/logs/error.log is:
Code:
Access to the script '/app' has been denied (see security.limit_extensions)
But I don't know that changing the default in
/etc/php-fpm.conf is the right thing to do.