Configuring basic authentication in NGINX is an essential step for anyone looking to add an extra layer of security to their web pages. By restricting access to authorized users, you can ensure your content remains exclusive and your server stays protected. This guide will walk you through the straightforward process, ensuring you’re well-equipped to fortify your NGINX setup.
Setting up Basic Authentication in NGINX
Setting up Basic Authentication in NGINX is a fundamental security measure to restrict unauthorized access to your web server’s specific areas. By prompting users for a username and password, you ensure that only authorized personnel can access certain resources. Here are step-by-step instructions, complete with descriptions, inputs, and expected outputs:
#1 Install httpd-tools
This tool provides the htpasswd utility, which we’ll use to create a password file by running this command:
sudo apt-get install apache2-utils
#2 Create a Password File
Using htpasswd, create a password file. The -c option is used only when creating a new file.
sudo htpasswd -c /path/to/.htpasswd username
Replace ‘username’ with the desired username you’re working with. You’ll be prompted to enter and confirm your password. Replace ‘/path/to/’ with the actual path where you intend to store your password file. While ‘.htpasswd’ is a commonly used name for this file, you can rename it if you prefer.
Once you run the command, the output should look like this:
New password: Re-type new password: Adding password for user username
Make sure to type your password slowly and carefully to prevent any mistakes. This approach can help ensure accuracy and avoid potential access issues.
#3 Configure NGINX for Basic Authentication
Modify your NGINX configuration file to reference the password file. Open your NGINX configuration:
sudo nano /etc/nginx/sites-available/default
Add or modify the location block you wish to protect. For instance:
location /protected/ {
auth_basic "Administrator Login";
auth_basic_user_file /etc/nginx/.htpasswd;
}
Once you’re done, save by pressing ‘CTRL + O’, and then press ‘Enter’ to confirm. To exit the editor, press ‘CTRL + X’.
#4 Reload NGINX
Apply the changes by reloading NGINX.
sudo systemctl reload nginx
#5 Test Basic Authentication
Navigate to the protected location in your web browser. As a result, a login prompt will appear, asking for the username and password. After entering the correct credentials, you should be able to access the resource. Entering incorrect credentials will result in an authorization error.
That’s all! With these steps, you’ve acquired the knowledge to set up basic authentication in NGINX. This added layer of security ensures that only authorized users can access specific parts of your website, enhancing its protection against unauthorized access. Remember to always use strong, unique passwords and periodically review your security configurations.
