DEV Community

Maxime Guilbert
Maxime Guilbert

Posted on • Edited on

Setup authentication in Nginx

When we use Nginx, it happends that we want to restrict the access to some URL and/or endpoints. So, to do it, we need to setup an authentication in Nginx, and it is what we will see today.


Htpasswd file

To let users being able to log-in, Nginx must have a file called htpasswd which will contains the name of each user and its password with the following format :

user1:password1
user2:password2
...
Enter fullscreen mode Exit fullscreen mode

User names are in clear text, but passwords are encrypted with BCrypt.

The easiest way to generate this file is to use the tool htpasswd.

Install htpasswd

This tool can be found in the apache2-utils package, that you can install with the following commands :

sudo apt-get update
sudo apt-get install apache2-utils
Enter fullscreen mode Exit fullscreen mode

Use htpasswd

The command has the following format :

htpasswd [options] [file path] [user name to add]
Enter fullscreen mode Exit fullscreen mode

The option to know is -c which will help us to create the file.

Then, you just need to use the command to add each user to want!

Example

# Create the file & add the user toto
htpasswd -c /etc/nginx/htpasswd toto

# Add another user to an existing file
htpasswd /etc/nginx/htpasswd titi
Enter fullscreen mode Exit fullscreen mode

Configure Nginx

The last step is to configure you Nginx instance. So in your configuration file, add both auth_basic & auth_basic_user_file parameters like in the following example and it should be good!

server {
    listen 80 default_server;
    listen [::]:80 default_server ipv6only=on;

    root /usr/share/nginx/html;
    index index.html index.htm;

    server_name localhost;

    location / {
        try_files $uri $uri/ =404;
        auth_basic "Restricted Content";
        auth_basic_user_file /etc/nginx/.htpasswd;
    }
}
Enter fullscreen mode Exit fullscreen mode

II hope it will help you ! 🍺When we use Nginx, it happends that we want to restrict the access to some URL and/or endpoints. So, to do it, we need to setup an authentication in Nginx, and it is what we will see today.


Htpasswd file

To let users being able to log-in, Nginx must have a file called htpasswd which will contains the name of each user and its password with the following format :

user1:password1
user2:password2
...
Enter fullscreen mode Exit fullscreen mode

User names are in clear text, but passwords are encrypted with BCrypt.

The easiest way to generate this file is to use the tool htpasswd.

Install htpasswd

This tool can be found in the apache2-utils package, that you can install with the following commands :

sudo apt-get update
sudo apt-get install apache2-utils
Enter fullscreen mode Exit fullscreen mode

Use htpasswd

The command has the following format :

htpasswd [options] [file path] [user name to add]
Enter fullscreen mode Exit fullscreen mode

The option to know is -c which will help us to create the file.

Then, you just need to use the command to add each user to want!

Example

# Create the file & add the user toto
htpasswd -c /etc/nginx/htpasswd toto

# Add another user to an existing file
htpasswd /etc/nginx/htpasswd titi
Enter fullscreen mode Exit fullscreen mode

Configure Nginx

The last step is to configure you Nginx instance. So in your configuration file, add both auth_basic & auth_basic_user_file parameters like in the following example and it should be good!

server {
    listen 80 default_server;
    listen [::]:80 default_server ipv6only=on;

    root /usr/share/nginx/html;
    index index.html index.htm;

    server_name localhost;

    location / {
        try_files $uri $uri/ =404;
        auth_basic "Restricted Content";
        auth_basic_user_file /etc/nginx/.htpasswd;
    }
}
Enter fullscreen mode Exit fullscreen mode

II hope it will help you ! 🍺


You want to support me?

Buy Me A Coffee

Top comments (0)