How to Configure Basic Authentication in NGINX

How to Configure Basic Authentication in NGINX

Configuring basic authentication in NGINX is an essential step for anyone looking to add an extra layer of security to their web pages. By restricting access to authorized users, you can ensure your content remains exclusive and your server stays protected. This guide will walk you through the straightforward process, ensuring you’re well-equipped to fortify your NGINX setup.

Setting up Basic Authentication in NGINX

Setting up Basic Authentication in NGINX is a fundamental security measure to restrict unauthorized access to your web server’s specific areas. By prompting users for a username and password, you ensure that only authorized personnel can access certain resources. Here are step-by-step instructions, complete with descriptions, inputs, and expected outputs:

#1 Install httpd-tools

This tool provides the htpasswd utility, which we’ll use to create a password file by running this command:

sudo apt-get install apache2-utils

#2 Create a Password File

Using htpasswd, create a password file. The -c option is used only when creating a new file.

sudo htpasswd -c /path/to/.htpasswd username

Replace ‘username’ with the desired username you’re working with. You’ll be prompted to enter and confirm your password. Replace ‘/path/to/’ with the actual path where you intend to store your password file. While ‘.htpasswd’ is a commonly used name for this file, you can rename it if you prefer.

Once you run the command, the output should look like this:

New password:
Re-type new password:
Adding password for user username

Make sure to type your password slowly and carefully to prevent any mistakes. This approach can help ensure accuracy and avoid potential access issues.

#3 Configure NGINX for Basic Authentication

Modify your NGINX configuration file to reference the password file. Open your NGINX configuration:

sudo nano /etc/nginx/sites-available/default

Add or modify the location block you wish to protect. For instance:

location /protected/ {
    auth_basic "Administrator Login";
    auth_basic_user_file /etc/nginx/.htpasswd;

Once you’re done, save by pressing ‘CTRL + O’, and then press ‘Enter’ to confirm. To exit the editor, press ‘CTRL + X’.

#4 Reload NGINX

Apply the changes by reloading NGINX.

sudo systemctl reload nginx

#5 Test Basic Authentication

Navigate to the protected location in your web browser. As a result, a login prompt will appear, asking for the username and password. After entering the correct credentials, you should be able to access the resource. Entering incorrect credentials will result in an authorization error.

That’s all! With these steps, you’ve acquired the knowledge to set up basic authentication in NGINX. This added layer of security ensures that only authorized users can access specific parts of your website, enhancing its protection against unauthorized access. Remember to always use strong, unique passwords and periodically review your security configurations.

Subscribe to our newsletter

Stay informed about the latest updates, news, and insights.