Atlantic.Net Blog

How to Setup Password Authentication with Apache on Ubuntu 18.04

April 6, 2020 by ( 680 ) under VPS Hosting

0 Comments

Apache webserver is free, open-source, and one of the most widely used web servers in the world. It allows you to serve the content on the web.

Any user can access your application over the Internet when it is hosted on an Apache web server. In some cases, you may need to secure your application so that only authenticated users can access the application. You can protect your application at the server level using Apache htpasswd. This utility allows you to limit access to a specific website to the limited person who has the login details only.

In this tutorial, we will show you how to setup password authentication with Apache on Ubuntu 18.04.

In This Article

Step 1 – Install Apache Webserver

By default, the Apache webserver package is available in the Ubuntu 18.04 default repository. You can install it with the following command:

apt-get install apache2 apache2-utils -y

Once installed, start the Apache service and enable it to start after system reboot with the following command:

systemctl start apache2
systemctl enable apache2

Now, open your web browser and navigate to the URL http://your-server-ip. You should see your default Apache web page in the following screen:

Step 2 – Create Apache Password File

First, you will need to create a password file that Apache can use to authenticate users. You can create a hidden .htpasswd file withing /etc/apache2 directory for a user named user1 using the htpasswd utility:

htpasswd -c /etc/apache2/.htpasswd user1

Provide your desired password, as shown below:

New password:
Re-type new password:
Adding password for user user1

The above command will create a .htpasswd file with user credentials. You will need to use these credentials to access your website.

Step 3 – Create a Sample Website

In this section, we will create a sample directory structure and index.html file for testing purposes.

First, create a directory for your website with the following command:

mkdir /var/www/html/example.com

Next, create an index.html file inside your web directory with the following command:

nano /var/www/html/example.com/index.html

Add the following contents:

<html>
<title>Password Protected Apache Website.</title>
<h1>This website is password protected.</h1>
</html>

Save and close the file when you are finished. Then, change the ownership of your web directory to www-data:

chown -R www-data:www-data /var/www/html/example.com

Step 4 – Configure Apache Basic Authentication

Next, you will need to create an Apache virtual host configuration file for your website and define basic authentication.

nano /etc/apache2/sites-available/example.conf

Add the following lines:

<VirtualHost *:80>
  ServerAdmin [email protected]
  ServerName  example.com
  DocumentRoot /var/www/html/example.com
  DirectoryIndex index.html
  ErrorLog ${APACHE_LOG_DIR}/error.log
  CustomLog ${APACHE_LOG_DIR}/access.log combined
  <Directory "/var/www/html/example.com">
      AuthType Basic
      AuthName "Restricted Content"
      AuthUserFile /etc/apache2/.htpasswd
      Require valid-user
  </Directory>
</VirtualHost>

Save and close the file when you are finished.

A brief explanation of each directive is specified below:

  • ServerAdmin: Email address of the server admin.
  • ServerName: Domain name that the server uses to identify itself.
  • DocumentRoot: Specify the path of your application.
  • DirectoryIndex: Specify a default page to display when a directory is accessed.
  • AuthType: Type of authentication.
  • AuthName: Specify the message to appear on the password page.
  • AuthUserFile: Specify the location of the user credential file.
  • Require: Specify the users that can access this region of the server.

Next, check the Apache for any syntax errors with the following command:

apachectl -t

You should get the following output:

Syntax OK

Next, enable the Apache virtual host file for your website with the following command:

a2ensite example.conf

Next, restart the Apache service to implement the changes:

systemctl restart apache2

Step 5 – Verify Apache Password Authentication

At this point, your website is secured with Apache basic authentication.

To check it, open your web browser and type the URL http://example.com. You will be asked to provide a username and password to access your website, as shown below:

Provide your username and password and click on the Sign in button. You should see your website default page in the following screen:

Conclusion

In the above guide, we learned how to create a password protected website with Apache on Ubuntu 18.04. You can now easily password protect your website with Apache – test it out today with a VPS Hosting Plan from Atlantic.Net! For more information, you can visit the Apache official documentation at Apache Auth.

Get a $250 Credit and Access to Our Free Tier!
$250 Credit Good for 60 Days
Free Tier Includes:
G3.2GB Cloud VPS a Free to Use for One Year
50 GB of Block Storage Free to Use for One Year
50 GB of Snapshots Free to Use for One Year

Get A Free To Use Cloud VPS

Looking for a Hosting Solution?

We Provide Cloud, Dedicated, & Colocation.

  • Eight Global Data Center Locations.
  • Flexible Private, Public, & Hybrid Hosting.
  • 24x7x365 Security, Support, & Monitoring.
Contact Us Now!

Get a $250 Credit and Access to Our Free Tier!

Free Tier includes:
G3.2GB Cloud VPS a Free to Use for One Year
50 GB of Block Storage Free to Use for One Year
50 GB of Snapshots Free to Use for One Year

Get a Free-to-Use Cloud VPS