Configuring basic authentication in NGINX is an essential step for anyone looking to add an extra layer of security to their web pages. By restricting access to authorized users, you can ensure your content remains exclusive and your server stays protected. This guide will walk you through the straightforward process, ensuring you’re well-equipped to fortify your NGINX setup.
Setting up Basic Authentication in NGINX
Setting up Basic Authentication in NGINX is a fundamental security measure to restrict unauthorized access to your web server’s specific areas. By prompting users for a username and password, you ensure that only authorized personnel can access certain resources. Here are step-by-step instructions, complete with descriptions, inputs, and expected outputs:
#1 Install httpd-tools
This tool provides the htpasswd utility, which we’ll use to create a password file by running this command:
sudo apt-get install apache2-utils
#2 Create a Password File
Using htpasswd, create a password file. The -c option is used only when creating a new file.
sudo htpasswd -c /path/to/.htpasswd usernameReplace ‘username’ with the desired username you’re working with. You’ll be prompted to enter and confirm your password. Replace ‘/path/to/’ with the actual path where you intend to store your password file. While ‘.htpasswd’ is a commonly used name for this file, you can rename it if you prefer.
Once you run the command, the output should look like this:
New password:Re-type new password:Adding password for user usernameMake sure to type your password slowly and carefully to prevent any mistakes. This approach can help ensure accuracy and avoid potential access issues.
#3 Configure NGINX for Basic Authentication
Modify your NGINX configuration file to reference the password file. Open your NGINX configuration:
sudo nano /etc/nginx/sites-available/defaultAdd or modify the location block you wish to protect. For instance:
location /protected/ { auth_basic "Administrator Login"; auth_basic_user_file /etc/nginx/.htpasswd;}Once you’re done, save by pressing ‘CTRL + O’, and then press ‘Enter’ to confirm. To exit the editor, press ‘CTRL + X’.
#4 Reload NGINX
Apply the changes by reloading NGINX.
sudo systemctl reload nginx#5 Test Basic Authentication
Navigate to the protected location in your web browser. As a result, a login prompt will appear, asking for the username and password. After entering the correct credentials, you should be able to access the resource. Entering incorrect credentials will result in an authorization error.
That’s all! With these steps, you’ve acquired the knowledge to set up basic authentication in NGINX. This added layer of security ensures that only authorized users can access specific parts of your website, enhancing its protection against unauthorized access. Remember to always use strong, unique passwords and periodically review your security configurations.
Related articles
Health check monitoring is a systematic process that tracks the availability and performance of your servers, applications, and infrastructure by sending automated requests at regular intervals. Most systems run checks every 30 to 60 second
GSLB (Global Server Load Balancing) is a load balancing service that distributes client requests across multiple geographically dispersed data centers to improve performance, availability, and compliance.At its core, GSLB works at the DNS l
Building modern applications means making a fundamental choice: serverless or containers?This decision affects how you use code, manage resources, and pay for infrastructure. Here's what you need to know.Serverless computing lets you write
Subscribe to our newsletter
Get the latest industry trends, exclusive insights, and Gcore updates delivered straight to your inbox.