Basic authentication is a simple way to restrict access to specific pages or areas of a web server. NGINX, a popular web server and reverse proxy, supports basic HTTP authentication through a few configuration directives.
This article will guide you through the steps of setting up basic authentication in NGINX to enhance the security of your website.
Step 1: Install Apache Utils
Before configuring basic authentication, you need to install the necessary utility to manage user credentials. Use the following commands based on your Linux distribution:
For RHEL/CentOS:
yum install httpd-tools
For Debian/Ubuntu:
sudo apt install apache2-utils
Step 2: Create User/Password
Use the `htpasswd` command to create a user and set up their password. The `-c` option is used only for the initial creation of the password file. Subsequent user additions do not require this option:
htpasswd -c /etc/nginx/conf.d/.htpasswd developer
You will be prompted to enter and confirm the password for the specified user.
For additional users:
htpasswd /etc/nginx/conf.d/.htpasswd developer2
Step 3: Open NGINX Configuration File
Open your NGINX server configuration file using a text editor. Depending on your setup, the location may vary. Common locations include:
For the main configuration file:
sudo nano /etc/nginx/nginx.conf
For a specific virtual host configuration file:
sudo nano /etc/nginx/sites-enabled/website.conf
Step 4: Password Protect NGINX
To password-protect your website, or specific sections of it, add the following directives within the appropriate block in your NGINX configuration.
For the entire `http` block (applies to every virtual host defined in it):
http {
...
auth_basic "Restricted Access!";
auth_basic_user_file /etc/nginx/conf.d/.htpasswd;
...
}
For a specific `server` block (website or domain):
server {
...
auth_basic "Restricted Access!";
auth_basic_user_file /etc/nginx/conf.d/.htpasswd;
...
}
For a specific location (e.g., `/admin/`):
location /admin/ {
...
auth_basic "Restricted Access!";
auth_basic_user_file /etc/nginx/conf.d/.htpasswd;
...
}
Step 5: Restart NGINX Server
Check the syntax of your updated configuration file:
sudo nginx -t
If there are no errors, reload or restart NGINX to apply the change:
For Debian/Ubuntu:
sudo service nginx reload
For RHEL/CentOS:
systemctl restart nginx
Step 6: Verify Basic Authentication
Open your web browser and visit the protected URL. You should now see an authentication screen prompting you for the username and password you created, securing the specified area of your website.
By following these steps, you have successfully configured basic authentication in NGINX, adding an extra layer of security to your web server and protecting sensitive areas of your website. Always remember to keep your password files secure and regularly review your server’s security configurations.
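The advice to keep password files secure can be checked mechanically. The script below is an added example, not part of the original article: it flags an htpasswd file that is world-readable or that holds entries in the `{PLAIN}` or unsalted `{SHA}` schemes, which the NGINX documentation says should not be used. The function name `audit_htpasswd` and the sample entries are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original article): audit an htpasswd file.
# Prints one finding per line; returns 0 if clean, 1 if anything was flagged,
# 2 if the file cannot be read.
audit_htpasswd() {
    local file="$1" findings=0 user hash rest
    [ -r "$file" ] || { echo "ERROR: cannot read $file"; return 2; }
    # The file holds password hashes, so "other" should have no read access.
    if [ -n "$(find "$file" -prune -perm -004 -print)" ]; then
        echo "PERMS: $file is world-readable"
        findings=$((findings + 1))
    fi
    # The "|| [ -n ... ]" test keeps a final line that lacks a trailing newline.
    while IFS=: read -r user hash rest || [ -n "$user" ]; do
        case "$user" in ''|'#'*) continue ;; esac   # skip blanks and comments
        case "$hash" in
            # Salted schemes; crypt()-based ones depend on the system library.
            '$apr1$'*|'$2y$'*|'$5$'*|'$6$'*|'{SSHA}'*) continue ;;
            '{PLAIN}'*) echo "WEAK: $user is stored in plaintext" ;;
            '{SHA}'*)   echo "WEAK: $user uses unsalted SHA-1" ;;
            '')         echo "WEAK: $user has an empty password field" ;;
            *)          echo "REVIEW: $user uses an unrecognised or legacy hash" ;;
        esac
        findings=$((findings + 1))
    done < "$file"
    [ "$findings" -eq 0 ]
}

# Constructed sample input: the hash strings are placeholders, not real hashes.
sample=$(mktemp)
cat > "$sample" <<'EOF'
developer:$apr1$CONSTRUCTED$placeholderplaceholder00
developer2:{SHA}CONSTRUCTEDplaceholder=
legacy:{PLAIN}constructed-password
EOF
chmod 644 "$sample"
audit_htpasswd "$sample" || echo "findings reported for $sample"
rm -f "$sample"
```

On a real server, point the function at the path given in `auth_basic_user_file`; the NGINX worker user still needs read access, so tighten group ownership rather than removing all read bits.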