My REST API page is showing: Your server does not support authentication headers. You can authenticate by passing the API key as a query string parameter named 'key' in the request.
Running nginx. The webroot is a Wordpress install. IPB lives at /forums
What is required to get auth headers to operate properly?
upstream php_backend {
server unix:/run/php/php7.0-fpm.sock;
}
# Default server configuration
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /var/www/html;
index index.php;
# Maximum allowed upload size
client_max_body_size 100M;
#Wordpress root
location / {
try_files $uri $uri/ /index.php?$args;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass php_backend;
fastcgi_index index.php;
fastcgi_pass_header Authorization;
fastcgi_param HTTP_PROXY "";
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location /doc/ {
alias /usr/share/doc/;
autoindex on;
allow 127.0.0.1;
deny all;
}
# deny access to .htaccess files, if Apache's document root
location ~ /\. {
deny all;
}
#Deny access to any files with a .php extension in the uploads directory
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
# Assign cache headers to static files
location ~* ^.+\.(?:jpg|jpeg|gif|css|png|js|ico|xml|htm|swf|cur)$ {
# If the static resource doesn't exist, pass off to IPS' 404 handler
try_files $uri @ips404;
access_log off;
expires 2w;
}
# IPB forums location
location /forums {
try_files $uri $uri/ @ips;
}
# Lock down access to the AdminCP
location ~ ^/forums/admin/.+\.php$ {
try_files $uri @ips404;
include /etc/nginx/fastcgi_params;
fastcgi_pass php_backend;
}
# Pass off not found errors to IPS' 404 handler
location @ips404 {
include /etc/nginx/fastcgi_params;
fastcgi_pass php_backend;
fastcgi_param SCRIPT_FILENAME $document_root/404error.php;
fastcgi_param SCRIPT_NAME 404error.php;
}
# Send rewritten requests directly to IPS
location @ips {
include /etc/nginx/fastcgi_params;
fastcgi_pass php_backend;
fastcgi_param SCRIPT_FILENAME $document_root/index.php;
fastcgi_param SCRIPT_NAME /index.php;
fastcgi_buffers 38 4k;
fastcgi_buffer_size 16k;
}
}
Wondering if there is anything obvious that jumps out from my own configuration that is either problematic, or the reason behind why the http authentication headers are not working. Is this a module I have to enable? I cannot see how to do this.
Many thanks,
My REST API page is showing: Your server does not support authentication headers. You can authenticate by passing the API key as a query string parameter named 'key' in the request. Running nginx. The webroot is a Wordpress install. IPB lives at /forums What is required to get auth headers to operate properly? upstream php_backend { server unix:/run/php/php7.0-fpm.sock; } # Default server configuration server { listen 80 default_server; listen [::]:80 default_server; server_name _; root /var/www/html; index index.php; # Maximum allowed upload size client_max_body_size 100M; #Wordpress root location / { try_files $uri $uri/ /index.php?$args; } # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 location ~ \.php$ { include fastcgi_params; fastcgi_pass php_backend; fastcgi_index index.php; fastcgi_pass_header Authorization; fastcgi_param HTTP_PROXY ""; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } location /doc/ { alias /usr/share/doc/; autoindex on; allow 127.0.0.1; deny all; } # deny access to .htaccess files, if Apache's document root location ~ /\. { deny all; } #Deny access to any files with a .php extension in the uploads directory location ~* /(?:uploads|files)/.*\.php$ { deny all; } # Assign cache headers to static files location ~* ^.+\.(?:jpg|jpeg|gif|css|png|js|ico|xml|htm|swf|cur)$ { # If the static resource doesn't exist, pass off to IPS' 404 handler try_files $uri @ips404; access_log off; expires 2w; } # IPB forums location location /forums { try_files $uri $uri/ @ips; } # Lock down access to the AdminCP location ~ ^/forums/admin/.+\.php$ { try_files $uri @ips404; include /etc/nginx/fastcgi_params; fastcgi_pass php_backend; } # Pass off not found errors to IPS' 404 handler location @ips404 { include /etc/nginx/fastcgi_params; fastcgi_pass php_backend; fastcgi_param SCRIPT_FILENAME $document_root/404error.php; fastcgi_param SCRIPT_NAME 404error.php; } # Send rewritten requests directly to IPS location @ips { include /etc/nginx/fastcgi_params; fastcgi_pass php_backend; fastcgi_param SCRIPT_FILENAME $document_root/index.php; fastcgi_param SCRIPT_NAME /index.php; fastcgi_buffers 38 4k; fastcgi_buffer_size 16k; } } Wondering if there is anything obvious that jumps out from my own configuration that is either problematic, or the reason behind why the http authentication headers are not working. Is this a module I have to enable? I cannot see how to do this. Many thanks,