Nginx is a popular free web server used to host a website or web application online. Sometimes you may need to protect some external sections that contain sensitive information on your website. In this case, you can implement password protection to secure your data. Nginx has the ability to secure web directories by setting up basic authentication.

Step 1 – Install Nginx Web Server

Before starting, Nginx must be installed on your server. If not installed, you can install it using the following command.

apt install nginx -y

Once Nginx is installed, start and enable the Nginx service.

systemctl start nginx
systemctl enable nginx

Step 2 – Create a Password File Using OpenSSL

To set up a basic authentication, you will need to create a password file to store username and password information.

First, create a password file named .htpasswd and add a user called testuser.

sh -c "echo -n 'testuser:' >> /etc/nginx/.htpasswd"

Then, add a password for this user.

sh -c "openssl passwd -apr1 >> /etc/nginx/.htpasswd"

Set your user’s password as shown below.

Password: 
Verifying - Password: 

You can now verify your username and encrypted password using the following command.

cat /etc/nginx/.htpasswd

Output:

testuser:$apr1$YyYXPvbO$JaXhAmiNPeapbbWano6gj.

Step 3 – Create a Password File Using Apache Utils

You can also create a password file using the Apache Utils. In this method, you will need to install the apache2-utils package to your server.

apt install apache2-utils

Next, create a new user named newuser as shown below:

htpasswd /etc/nginx/.htpasswd newuser

Set a password for this user.

New password: 
Re-type new password: 
Adding password for user newuser

Next, verify your added user and password using the following command:

cat /etc/nginx/.htpasswd

Output:

testuser:$apr1$YyYXPvbO$JaXhAmiNPeapbbWano6gj.
newuser:$apr1$du.hu6U1$JD8cjsbzPNv89NPBXaTRJ1

Step 4 – Set Up Password Authentication in NGINX

Next, you will need to add the password authentication directives to the NGINX configuration file for your website.

nano /etc/nginx/sites-enabled/default

Add the auth_basic and auth_basic_user_file directives to your existing configuration as shown below:

server {
        listen 80 default_server;
        listen [::]:80 default_server;
        root /var/www/html;

        index index.html;

        server_name _;

        location / {
                try_files $uri $uri/ =404;
                auth_basic "Basic Authentication";
                auth_basic_user_file /etc/nginx/.htpasswd;


        }

}

Save and close the file, then restart the Nginx service to apply the changes.

systemctl restart nginx

Step 5 – Verify the Password Authentication

At this point, your Nginx website is protected with a password. You can now verify it using the URL http://your-server-ip. You will be asked to provide your username and password as shown below.

Nginx login screen

Type your username and password and click on the Sign In button to access your website content.

Conclusion

In this post, you learned how to protect your web directory in Nginx with password authentication. Implementing password protection is essential to restrict access to sensitive content of your website. Try to set up a basic authentication with Nginx on dedicated server hosting from Atlantic.Net!