Basic HTTP Authentication with Nginx
Contents
Basic HTTP Authentication with Nginx
This guide will show you how to implement basic HTTP authentication with Nginx to password-protect directories on your server or even a whole website. This is the Nginx equivalent to basic HTTP authentication on Apache with .htaccess/.htpasswd.
Creating the Password File
You will still need the Apaches htpasswd tool or visit a website that can create the password file for you like http://www.htaccesstools.com/htpasswd-generator/
Create Password file with htpasswd
Lets first check and see if its installed on your server, most servers have this function as the default web service was probably apache.
which htpasswd
If you have it on your system you will see something like
$ which htpasswd /usr/bin/htpasswd
If your system does not have the htpasswd tool, you will want to install it
yum install httpd-tools
or if your on debian/ubuntu
apt-get install apache2-utils
Create the .htpasswd file
I want to create the password file /var/www/pwd/.htpasswd now and store the user demo in it (you can give the password file any name you like - it's not necessary to name it .htpasswd; I just named it .htpasswd because that's the way password files are named under Apache):
htpasswd -c /var/www/pwd/.htpasswd demo
- Note the -c says to create the file, so when adding additional user names, do not use the -c
Adding the user demo2 to the same .htpasswd file
htpasswd /var/www/pwd/.htpasswd demo2
Now your /var/www/pwd/.htpasswd file will have two users, demo and demo2
Configuring Nginx with .htpasswd
Now that we have our password file in place, we just need to add it to our Nginx vhost configuration
vim /etc/nginx/sites-enabled/vhost_briansnelson.com
Because I want to password-protect the scripts directory in the document root, I use location /scripts {} here (to password-protect the whole website, you'd use location / {}):
server { listen 80; server_name www.briansnelson.com briansnelson.com; root /var/www/briansnelson.com; [...] location /scripts { auth_basic "Restricted"; auth_basic_user_file /var/www/pwd/.htpasswd; } [...] }
One last step, restarting Nginx
/etc/init.d/nginx reload
Now you can visit http://briansnelson.com/scripts/ and notice that it is password protected.