diff --git a/README.md b/README.md
index 0042bf7d..fef08960 100644
--- a/README.md
+++ b/README.md
@@ -26,3 +26,14 @@ Authentication
 Following previous issues with the mis-use of Magmi in an insecure way, Magmi now contains built-in authentication. Once you have provided DB details and Magmi can connect to the DB, you will need to login using a set of Magento admin credentials to use Magmi. If Magmi has not yet been configured to connect, then the username and password are both 'magmi'
+
+Authentication with PHP-CGI/FPM
+-------------------------------
+
+php-cgi/fpm under Apache does not pass HTTP Basic user/pass to PHP by default
+
+Add these lines to an .htaccess file:
+
+ RewriteEngine On
+ RewriteCond %{HTTP:Authorization} ^(.+)$
+ RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
diff --git a/magmi/web/.htaccess-sample-php_cgi_fpm b/magmi/web/.htaccess-sample-php_cgi_fpm
new file mode 100644
index 00000000..fab02199
--- /dev/null
+++ b/magmi/web/.htaccess-sample-php_cgi_fpm
@@ -0,0 +1,9 @@
+### php-cgi/fpm under Apache does not pass HTTP Basic user/pass to PHP by default
+
+
+
+RewriteEngine on
+RewriteCond %{HTTP:Authorization} ^(.+)$
+RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
+
+
\ No newline at end of file
diff --git a/magmi/web/security.php b/magmi/web/security.php
index d81933cb..abef0f2b 100644
--- a/magmi/web/security.php
+++ b/magmi/web/security.php
@@ -7,6 +7,35 @@ function authenticate($username="",$password=""){
 return $auth->authenticate();
 }
+if (!isset($_SERVER['PHP_AUTH_USER'])) {
+ /*
+ * php-cgi/fpm under Apache does not pass HTTP Basic user/pass to PHP by default
+ * For this workaround to work, add these lines to your .htaccess file:
+ * RewriteEngine On
+ * RewriteCond %{HTTP:Authorization} ^(.+)$
+ * RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
+ * @see https://github.com/symfony/symfony/blob/master/src/Symfony/Component/HttpFoundation/ServerBag.php#L47
+ */
+ $authorizationHeader = null;
+ if (isset($_SERVER['HTTP_AUTHORIZATION'])) {
+ $authorizationHeader = $_SERVER['HTTP_AUTHORIZATION'];
+ } elseif (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])) {
+ $authorizationHeader = $_SERVER['REDIRECT_HTTP_AUTHORIZATION'];
+ }
+ if (null !== $authorizationHeader) {
+ if (0 === stripos($authorizationHeader, 'basic ')) {
+ // Decode AUTHORIZATION header into PHP_AUTH_USER and PHP_AUTH_PW when authorization header is basic
+ $exploded = explode(':', base64_decode(substr($authorizationHeader, 6)), 2);
+ if (count($exploded) == 2) {
+ list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = $exploded;
+ }
+ } elseif (empty($_SERVER['PHP_AUTH_DIGEST']) && (0 === stripos($authorizationHeader, 'digest '))) {
+ // In some circumstances PHP_AUTH_DIGEST needs to be set
+ $_SERVER['PHP_AUTH_DIGEST'] = $authorizationHeader;
+ }
+ }
+}
+
 if (!isset($_SERVER['PHP_AUTH_USER'])) {
 header('WWW-Authenticate:Basic realm="Magmi"');
 header('HTTP/1.0 401 Unauthorized');
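Review bot: The Basic branch decodes the header with non-strict `base64_decode`, which silently discards characters outside the base64 alphabet instead of failing, so a malformed header is still split into a user/password pair, and the following `count($exploded) == 2` is a loose comparison; decode strictly and reject a failed decode: `$decoded = base64_decode(substr($authorizationHeader, 6), true);` / `$exploded = $decoded === false ? [] : explode(':', $decoded, 2);` / `if (count($exploded) === 2) {`. The same commit adds `magmi/web/.htaccess-sample-php_cgi_fpm` with the identical rewrite rules, so the block comment could reference that file instead of repeating the rules, e.g. `* See .htaccess-sample-php_cgi_fpm in this directory for the required rewrite rules.` The trailing `if (!isset($_SERVER['PHP_AUTH_USER']))` context lines belong to a block that continues outside the hunk.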