Nginx ignores HTTP Authentication for WordPress login directory

I am running WordPress in a subfolder of my domain for testing and development purposes on a VPS LEMP-stack. In order to password-protect the wp-login.php with an etxra layer, I used HTTP authentication for the wp-admin folder.

The problem is that the http authentication is ignored. When the wp-login.php or wp-admin-folder is called, it goes directly to the normal WordPress-login.

I installed everything from the command line in the following way:

sudo apt-get install apache2-utils

sudo htpasswd -c /var/www/bitmall/wp-admin/.htpasswd exampleuser

New password:
Re-type new password:
Adding password for user exampleuser

My Nginx configuration file looks like this:

server {
    listen   80;


    root /var/www;
    index index.php index.html index.htm;

    server_name eample.com;

    location / {
            try_files $uri $uri/ /index.html;
    }

location /bitmall/wp-admin/ {
    auth_basic "Restricted Section";
    auth_basic_user_file /var/www/bitmall/wp-admin/.htpasswd;
}

location ~ /\.ht {
    deny all;
}   

    error_page 404 /404.html;

    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
          root /var/www;
    }

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    location ~ \.php$ {
            try_files $uri =404;
            fastcgi_pass unix:/var/run/php5-fpm.sock;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            include fastcgi_params;

    }

}

I already tried to change the nginx configuration following this question:

location ~* (wp-login)\.php$ {
            auth_basic            "Restricted Area";
            auth_basic_user_file  /var/www/bitmall/.htpasswd;
    }

This code will call the http authentification, but the browser downloads the wp-login.php, when the credentials have been entered, instead of going to the main login screen.

Could you please advice me how to fix this?