Nginx is a free, open-source web server used for load balancing, buffering, and caching. Since its inception in 2004, Nginx has gained popularity for scaling web servers and reverse proxying. Due to its high performance and excellent capabilities to handle a large volume of connections, it is used to manage and control incoming traffic.
How Does HTTP Authentication Work?
In basic HTTP authentication, all the routes on the server are blocked and require the appropriate credentials to authenticate. Whenever a user tries to access a secured resource, the server sends the user a WWW-Authenticate header and a 401 Unauthorized response. If the username and password used by the user are correct and match with the key file, the connection is established, else it is denied.
In this tutorial, we’ll walk you through the steps of setting up basic HTTP authentication with Nginx on Ubuntu 20.04.
Prerequisites
To follow along with this tutorial, you’ll need the following:
- The latest version of Ubuntu installed on your system.
- System users must have sudo privileges.
- Nginx installed and configured on your server.
Step 1: Update Software Repositories
Before installing any new software or an API package on your system, refresh the repositories to avoid errors or any package conflicts. Initially, we’ll update the software using the sudo command:
|
1 |
sudo apt-get update |
Now that we have updated software repositories, let’s install the necessary apache2 packages.
Step 2: Install Necessary Packages
As we are setting up HTTP Authentication for a directory, we’ll be using the htpasswd command to create an encrypted password. Install the apache2-utils package using the following command:
|
1 |
sudo apt-get install apache2-utils |
Step 3: Create User and Password
In this step, we’ll set up the basic HTTP Authentication credentials. Under the root directory, create a .htpasswd file associated with the user. The password will be encrypted, and the file name can be anything of your choice. Use the following command to create the file and add the user with an encrypted password:
|
1 |
sudo htpasswd -c /etc/nginx/.htpasswd cloudsigma |
Next, verify the newly-created file using the following command:
|
1 |
cat /etc/nginx/.htpasswd |
Step 4: Update the Nginx Configuration
Once we have our HTTP basic authentication credentials, let’s set up Nginx and use it on our target website. We require auth_basic and auth_basic_user_file directives to establish the HTTP basic authentication. The value of auth_basic directive is a string format, whereas the value of auth_basic_user_file is the path to the password file created in Step 3.
It is important to include the two directives in the configuration file of the target website. You’ll find the location of the targeted website in the /etc/nginx/sites-available directory. Open the configuration file using the nano editor:
|
1 |
sudo nano /etc/nginx/sites-available/default |
Then, add both of these directives under the location section:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
. . . server_name localhost; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # Uncomment to enable naxsi on this location # include /etc/nginx/naxsi.rules auth_basic "Private Property"; auth_basic_user_file /etc/nginx/.htpasswd; } . . . |
After adding the directive, save and close the configuration file.
Step 5: Restart Ngnix
Next, reload or restart the Nginx services to apply the changes on our virtual host. After that, we’ll try to access the secured domain using our basic HTTP authentication. Use the following command to activate the Nginx services:
|
1 |
sudo service nginx reload |
Step 6: Secure Web Access
Once you’ve restarted Nginx, the next step is to try to access the IP address or domain name in your favorite browser. On clicking the IP address http://your_domain_name/ in your browser, a prompt will open asking you to enter the credentials to authenticate. Once you enter the right username and password, you’ll see a default Nginx home page.
Conclusion
In this tutorial, we learned how to configure basic HTTP authentication with Nginx. The basic username/password authentication is just one of the many authentication options to establish a secure connection in Nginx.
There are other powerful options used for server authentication. For example, some popular methods you can use include API integrations, JSON Web Tokens, SSH key-based authentications. Even though obtaining robust security mechanisms may seem tricky initially, they are highly effective to safeguard your privacy.
Furthermore, there are many other learning materials and tutorials on Nginx that you can access from our blogs:
- Nginx Server and Location Block Selection Algorithms Overview
- Installing and Configuring Laravel with Nginx on Ubuntu 20.04
- Setting Up Django with PostgreSQL, Nginx, and Gunicorn on Ubuntu 20.04
Happy Computing!
- How To Set Up GitHub Continuous Integration Pipelines With Self-Hosted Runners on Ubuntu 22.04. - March 20, 2023
- Managing CSV in Node.js using Node-CSV - March 15, 2023
- Containerize A Python App using Docker - March 7, 2023
- Using GitLab for Managing Projects - September 15, 2022
- Creating Drag and Drop Elements with Pure, Vanilla JavaScript - August 4, 2022