{"id":3382,"date":"2019-07-19T16:06:06","date_gmt":"2019-07-19T08:06:06","guid":{"rendered":"https:\/\/www.ookangzheng.com\/?p=3382"},"modified":"2020-05-24T15:58:15","modified_gmt":"2020-05-24T07:58:15","slug":"nginx-add-basic-authentication","status":"publish","type":"post","link":"https:\/\/www.ookangzheng.com\/nginx-add-basic-authentication\/","title":{"rendered":"Nginx add basic authentication"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\" id=\"step-1-\u2014-installing-apache-tools\">Step 1 \u2014 Installing Apache Tools<\/h2>\n\n\n\n<p>You’ll need the&nbsp;<code>htpassword<\/code>&nbsp;command to configure the password that will restrict access to the target website. This command is part of the&nbsp;<code>apache2-utils<\/code>&nbsp;package, so the first step is to install that package.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo apt-get install apache2-utils\n<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"step-2-\u2014-setting-up-http-basic-authentication-credentials\">Step 2 \u2014 Setting Up HTTP Basic Authentication Credentials<\/h2>\n\n\n\n<p>In this step, you’ll create a password for the user running the website.<\/p>\n\n\n\n<p>That password and the associated username will be stored in a file that you specify. The password will be encrypted and the name of the file can be anything you like. Here, we use the file\u00a0<code>\/usr\/local\/nginx\/.htpasswd<\/code>\u00a0and the username\u00a0<strong>nginx<\/strong>.<\/p>\n\n\n\n<p>To create the password, run the following command. You’ll need to authenticate, then specify and confirm a password.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>\/\/ replace \u201cnginx\u201d with ur username\nsudo htpasswd -c \/etc\/nginx\/.htpasswd nginx\n<\/code><\/pre>\n\n\n\n<p>You can check the contents of the newly-created file to see the username and hashed password.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>cat \/etc\/nginx\/.htpasswd\n<\/code><\/pre>\n\n\n\n<p>Example \/etc\/nginx\/.htpasswd<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>\/\/ Something like this example username:hassed password\nnginx:$apr1$ilgq7ZEO$OarDX15gjKAxuxzv0JTrO\/\n<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"step-3-\u2014-updating-the-nginx-configuration\">Step 3 \u2014 Updating the Nginx Configuration<\/h2>\n\n\n\n<p>Now that you’ve created the HTTP basic authentication credential, the next step is to update the Nginx configuration for the target website to use it.<\/p>\n\n\n\n<p>HTTP basic authentication is made possible by the&nbsp;<code>auth_basic<\/code>&nbsp;and&nbsp;<code>auth_basic_user_file<\/code>&nbsp;directives. The value of&nbsp;<code>auth_basic<\/code>&nbsp;is any string, and will be displayed at the authentication prompt; the value of&nbsp;<code>auth_basic_user_file<\/code>&nbsp;is the path to the password file that was created in Step 2.<\/p>\n\n\n\n<p>Both directives should be in the configuration file of the target website, which is normally located in&nbsp;<code>\/etc\/nginx\/sites-available<\/code>&nbsp;directory. Open that file using&nbsp;<code>nano<\/code>&nbsp;or your favorite text editor.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo nano \/etc\/nginx\/sites-available\/default<\/code><\/pre>\n\n\n\n<p>Under the&nbsp;<strong>location<\/strong>&nbsp;section, add both directives:\/etc\/nginx\/sites-available\/default.conf<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>. . .\nserver_name localhost;\n\nlocation \/ {\n        # First attempt to serve request as file, then\n        # as directory, then fall back to displaying a 404.\n        try_files $uri $uri\/ =404;\n        # Uncomment to enable naxsi on this location\n        # include \/etc\/nginx\/naxsi.rules\n        auth_basic \"Private Property\";\n        auth_basic_user_file \/etc\/nginx\/.htpasswd;\n}\n. . .\n<\/code><\/pre>\n\n\n\n<p>Save and close the file.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"step-4-\u2014-testing-the-setup\">Step 4 \u2014 Testing the Setup<\/h2>\n\n\n\n<p>To apply the changes, first reload Nginx.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo service nginx reload<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"<p>Step 1 \u2014 Installing Apache Tools You’ll need the&nbsp;htpassword&nbsp;command to configure the password that will restrict access to the target&hellip;<\/p>\n","protected":false},"author":1,"featured_media":3385,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[37,32],"tags":[],"class_list":["post-3382","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux","category-technology"],"_links":{"self":[{"href":"https:\/\/www.ookangzheng.com\/wp-json\/wp\/v2\/posts\/3382","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ookangzheng.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ookangzheng.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ookangzheng.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ookangzheng.com\/wp-json\/wp\/v2\/comments?post=3382"}],"version-history":[{"count":0,"href":"https:\/\/www.ookangzheng.com\/wp-json\/wp\/v2\/posts\/3382\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ookangzheng.com\/wp-json\/wp\/v2\/media\/3385"}],"wp:attachment":[{"href":"https:\/\/www.ookangzheng.com\/wp-json\/wp\/v2\/media?parent=3382"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ookangzheng.com\/wp-json\/wp\/v2\/categories?post=3382"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ookangzheng.com\/wp-json\/wp\/v2\/tags?post=3382"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}