in DevOps, security

Configure Password Authentication with Nginx

Add a new user for HTTP Auth .

printf "user:$(openssl passwd -crypt password 2> /dev/null)\n" > /etc/nginx/htpasswd

Replace user with user want to create and password with the password of the user want to set.

Create an acl.conf file.

# HTTP authentication || IP address
satisfy any;
auth_basic "Restricted Area";
auth_basic_user_file htpasswd;
# Allowed IP Address List
allow 127.0.0.1;
deny all;

Place the acl.conf file in the nginx root directory.

Enable httpauth from the site config

server {
    listen 80 ;
    ... 
    ...

# Include acl.conf file at the end
    include acl.conf;
}

Include acl.conf from the site config to enable.

Restart nginx to reflect the change.

Confirm the Password Authentication

To confirm that your content is protected, try to access your restricted content in a web browser. You should be presented with a username and password prompt that looks like this:

Nginx password prompt

If you enter the correct credentials, you will be allowed to access the content. If you enter the wrong credentials or hit “Cancel”, you will see the “Authorization Required” error page:

Nginx unauthorized error