how to configure basic authentication in nginx

How To Configure Basic Authentication in NGINX

NGINX allows you to configure basic HTTP authentication on your website which allows you to restrict access to one or more pages on your website using a simple username/password. You can use this method to secure http, server or even location blocks. You can use it to secure virtual hosts, websites, or sensitive pages of your website such as admin pages. In this article, we will look at how to configure basic authentication in NGINX.

How To Configure Basic Authentication in NGINX

Here are the steps to configure basic authentication in NGINX.

1. Install Apache Utils

We need to use htpasswd utility to set up basic authentication. For that, we need to install apache2-utils or httpd-tools. Open terminal and run the following command

# yum install httpd-tools [RHEL/CentOS] 
$ sudo apt install apache2-utils [Debian/Ubuntu]

Also read : How to Install Let’s Encrypt on NGINX

2. Create User/Password

Next, run htpasswd command to create a user that will be given access to your website.

# htpasswd -c /etc/nginx/conf.d/.htpasswd developer

We use -c option to specify password file location. When you press enter, you will be prompted for a password.

For example, when we create another user, we don’t specify password file location.

# htpasswd /etc/nginx/conf.d/.htpasswd developer2

Also read : Redirect vs Rewrite in NGINX

3. Open NGINX configuration file

Open terminal and run the following command to open NGINX server configuration file.

$ sudo vi /etc/nginx/nginx.conf

If you have configured separate virtual hosts for your website (e.g, such as /etc/nginx/sites-enabled/website.conf then open its configuration with the following command

$ sudo vi /etc/nginx/sites-enabled/website.conf

Alternatively, you can also open the default virtual host configuration file.

$ sudo vi /etc/nginx/sites-enabled/default

Also read : How to Create Custom 404 page in NGINX

4. Password Protect NGINX

In order to password protect your website, or certain web pages, we need to use auth_basic and auth_basic_user_file directives in NGINX server configuration.

For example, if you want to configure basic authentication for virtual hosts (an entire http block), add the above two directives as shown below in http block.

   auth_basic "Restricted Access!"; 
   auth_basic_user_file /etc/nginx/conf.d/.htpasswd;

In the above code, we specify the path of password file in auth_basic_user_file directive and message to be displayed in auth_basic directive.

Similarly, here’s the code to protect server block, that is, implement basic authentication for website or domain.

    auth_basic "Restricted Access!";
    auth_basic_user_file /etc/nginx/conf.d/.htpasswd;

You can also configure basic authentication for specific web pages/subdirectories (e.g /admin) by adding auth_basic and auth_basic_user_file directives in a location block.

location /admin/ {
    auth_basic "Restricted Access!";
    auth_basic_user_file /etc/nginx/conf.d/.htpasswd;

Also Read : How to Limit Download Speed in NGINX

5. Restart NGINX Server

Run the following command to check syntax of your updated config file.

$ sudo nginx -t

If there are no errors, run the following command to restart NGINX server.

$ sudo service nginx reload #debian/ubuntu
$ systemctl restart nginx #redhat/centos

Also read : How to Enable GZIP Compression in NGINX

6. Verify basic authentication

Open browser and visit the URL (e.g that you have protected. You should see an authentication screen as the one below.

Ubiq makes it easy to visualize data, and monitor them in real-time dashboards. Try Ubiq for free.


About Ubiq

Ubiq is a powerful dashboard & reporting platform for small & medium businesses. Build dashboards, charts & reports for your business in minutes. Get insights from data quickly. Try it for free today!