I only use nginx, so here is what I did for nginx.
This allows internal IPs to bypass the auth check (if you require zero trust, remove satisfy any; - deny all;).
Make sure this is ABOVE other regex based locations otherwise you might leak some paths!
create password file htpasswd -c /etc/nginx/maps.passwd maps
(maps is the username, change if you like)
location ~ ^/plugins/Weathermap/ {
satisfy any;
allow 192.168.1.0/24;
deny all;
auth_basic "Login to view maps";
auth_basic_user_file /etc/nginx/maps.passwd;
location ~ [^/]\.php(/|$) {
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
include fastcgi.conf;
}
}
Don’t forget to set the correct path to the fpm socket.