In order to secure your website with Basic HTTP authentication in Traefik do the following.
1. Download apache2-utils
sudo apt install apache2-utils
2. Generate password and copy its output
htpasswd -nB adam
The n option will display the hash in stdout and the B option will use more secure encryption.
devto password's hash is shown below:
adam:$2y$05$h9OxLeY20/5uiXjfPgdRxuFlrfqBf2QifYDgrwsR6rAEgX3/dpOGq
3. Replace $ with $$
adam:$$2y$$05$$h9OxLeY20/5uiXjfPgdRxuFlrfqBf2QifYDgrwsR6rAEgX3/dpOGq
4. Create a new middleware in Traefik for HTTP basic auth for your HTTPS entrypoint.
labels:
- "traefik.http.middlewares.yourservice-basicauth.basicauth.users=adam:$$2y$$05$$h9OxLeY20/5uiXjfPgdRxuFlrfqBf2QifYDgrwsR6rAEgX3/dpOGq"
Remember to use the escaped double $.
5. Create a new chain for your HTTPS connection.
You may have existing rules for your HTTPS route, e.g. compressing, etc.
So create a new chain where you'll combine your existing middlewars and the newly created yoursite-basicauth.
In your docker-compose.yml file:
labels:
- "traefik.http.middlewares.yourservice-https-chain.chain.middlewares=yourservice-basicauth,yourservice-other-middleware-remove-or-replace-with-yours"
- "traefik.http.routers.yourservice-https.middlewares=yourservice-https-chain"
Restart your service and your website will now prompt browsers for username and password.
Top comments (1)
Thanks. Works like a charm.