DEV Community

loading...

Basic HTTP authentication in Traefik

Łukasz Wolnik
React / React Native / JavaScript / IoT developer
・1 min read

In order to secure your website with Basic HTTP authentication in Traefik do the following.

1. Download apache2-utils

sudo apt install apache2-utils
Enter fullscreen mode Exit fullscreen mode

2. Generate password and copy its output

htpasswd -nB adam
Enter fullscreen mode Exit fullscreen mode

The n option will display the hash in stdout and the B option will use more secure encryption.

devto password's hash is shown below:

adam:$2y$05$h9OxLeY20/5uiXjfPgdRxuFlrfqBf2QifYDgrwsR6rAEgX3/dpOGq
Enter fullscreen mode Exit fullscreen mode

3. Replace $ with $$

adam:$$2y$$05$$h9OxLeY20/5uiXjfPgdRxuFlrfqBf2QifYDgrwsR6rAEgX3/dpOGq
Enter fullscreen mode Exit fullscreen mode

4. Create a new middleware in Traefik for HTTP basic auth for your HTTPS entrypoint.

- "traefik.http.middlewares.yourservice-basicauth.basicauth.users=adam:$$2y$$05$$h9OxLeY20/5uiXjfPgdRxuFlrfqBf2QifYDgrwsR6rAEgX3/dpOGq"
Enter fullscreen mode Exit fullscreen mode

Remember to use the escaped double $.

5. Create a new chain for your HTTPS connection.

You may have existing rules for your HTTPS route, e.g. compressing, etc.

So create a new chain where you'll combine your existing middlewars and the newly created yoursite-basicauth.

In your docker-compose.yml file:

  labels:
    - "traefik.http.middlewares.yourservice-https-chain.chain.middlewares=yourservice-basicauth,yourservice-other-middleware-remove-or-replace-with-yours"
    - "traefik.http.routers.yourservice-https.middlewares=yourservice-https-chain"
Enter fullscreen mode Exit fullscreen mode

Basic HTTP auth in Traefik

Restart your service and your website will now prompt browsers for username and password.

Discussion (0)