Nginx is a popular free web server used to host a website or web application online. Sometimes you may need to protect some external sections that contain sensitive information on your website. In this case, you can implement password protection to secure your data. Nginx has the ability to secure web directories by setting up basic authentication.
Step 1 – Install Nginx Web Server
Before starting, Nginx must be installed on your server. If not installed, you can install it using the following command.
apt install nginx -y
Once Nginx is installed, start and enable the Nginx service.
systemctl start nginx systemctl enable nginx
Step 2 – Create a Password File Using OpenSSL
To set up a basic authentication, you will need to create a password file to store username and password information.
First, create a password file named .htpasswd and add a user called testuser.
sh -c "echo -n 'testuser:' >> /etc/nginx/.htpasswd"
Then, add a password for this user.
sh -c "openssl passwd -apr1 >> /etc/nginx/.htpasswd"
Set your user’s password as shown below.
Password: Verifying - Password:
You can now verify your username and encrypted password using the following command.
cat /etc/nginx/.htpasswd
Output:
testuser:$apr1$YyYXPvbO$JaXhAmiNPeapbbWano6gj.
Step 3 – Create a Password File Using Apache Utils
You can also create a password file using the Apache Utils. In this method, you will need to install the apache2-utils package to your server.
apt install apache2-utils
Next, create a new user named newuser as shown below:
htpasswd /etc/nginx/.htpasswd newuser
Set a password for this user.
New password: Re-type new password: Adding password for user newuser
Next, verify your added user and password using the following command:
cat /etc/nginx/.htpasswd
Output:
testuser:$apr1$YyYXPvbO$JaXhAmiNPeapbbWano6gj. newuser:$apr1$du.hu6U1$JD8cjsbzPNv89NPBXaTRJ1
Step 4 – Set Up Password Authentication in NGINX
Next, you will need to add the password authentication directives to the NGINX configuration file for your website.
nano /etc/nginx/sites-enabled/default
Add the auth_basic and auth_basic_user_file directives to your existing configuration as shown below:
server { listen 80 default_server; listen [::]:80 default_server; root /var/www/html; index index.html; server_name _; location / { try_files $uri $uri/ =404; auth_basic "Basic Authentication"; auth_basic_user_file /etc/nginx/.htpasswd; } }
Save and close the file, then restart the Nginx service to apply the changes.
systemctl restart nginx
Step 5 – Verify the Password Authentication
At this point, your Nginx website is protected with a password. You can now verify it using the URL http://your-server-ip. You will be asked to provide your username and password as shown below.
Type your username and password and click on the Sign In button to access your website content.
Conclusion
In this post, you learned how to protect your web directory in Nginx with password authentication. Implementing password protection is essential to restrict access to sensitive content of your website. Try to set up a basic authentication with Nginx on dedicated server hosting from Atlantic.Net!