How to configure Basic Authentication in Nginx using centos
To configure Basic Authentication in Nginx using centos
A Web server contains various domains which are accessible by the public on the internet and there are some pages which are confidential so that page requires user' s authentication. Say for example my domain is linuxhelp1.com and linuxhelp1.com/admin requires user' s authentication which is admin credentials When a client sends a GET request for /admin page the admin page automatically responds with 401 authentications required format along with the type of authentication which is mentioned in a family. The request contains the username and password which is basically encoded with base64 encoding and sent to the client.
Configuration
Here is my nginx instance is running on the web server
[root@linuxhelp ~]# systemctl status nginx
● nginx.service - The nginx HTTP and reverse proxy server
Loaded: loaded (/usr/lib/systemd/system/nginx.service enabled vendor preset: disabled)
Active: active (running) since Wed 2018-02-21 17:20:03 IST 9min ago
Process: 9513 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
Process: 9510 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
Process: 9509 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
Main PID: 9516 (nginx)
CGroup: /system.slice/nginx.service
├─9516 nginx: master process /usr/sbin/nginx
└─9517 nginx: worker process
Feb 21 17:20:03 www.linuxhelp1.com systemd[1]: Starting The nginx HTTP and reverse proxy server...
Feb 21 17:20:03 www.linuxhelp1.com nginx[9510]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
Feb 21 17:20:03 www.linuxhelp1.com nginx[9510]: nginx: configuration file /etc/nginx/nginx.conf test is successful
Feb 21 17:20:03 www.linuxhelp1.com systemd[1]: Failed to read PID from file /run/nginx.pid: Invalid argument
Feb 21 17:20:03 www.linuxhelp1.com systemd[1]: Started The nginx HTTP and reverse proxy server.
Let' s take a look at the configuration file before configuring authentication
[root@linuxhelp ~]# cd /etc/nginx/conf.d/ server { server_name www.linuxhelp1.com location / { root /usr/share/nginx/html } location /admin { root /usr/share/nginx/html index index.html } } [root@linuxhelp ~]# cd /usr/share/nginx/html/ [root@linuxhelp html]# ls -l total 20 -rw-r--r--. 1 root root 3650 Oct 18 13:38 404.html -rw-r--r--. 1 root root 3693 Oct 18 13:38 50x.html drwxr-xr-x. 2 root root 23 Feb 21 16:54 admin -rw-r--r--. 1 root root 3700 Oct 18 13:38 index.html -rw-r--r--. 1 root root 368 Oct 18 13:38 nginx-logo.png -rw-r--r--. 1 root root 2811 Oct 18 13:38 poweredby.png [root@linuxhelp html]# cd admin [root@linuxhelp admin]# vim index.html < h1> This is the secret admin page < /h1>
Access the browser http://www.linuxhelp1.com and check the output
Restart your nginx service
[root@linuxhelp ~]# systemctl restart nginx
Let' s configure file location for providing authentication
[root@linuxhelp ~]# cd /etc/nginx/conf.d/
server {
server_name www.linuxhelp1.com
location / {
root /usr/share/nginx/html
}
location /admin {
root /usr/share/nginx/html
index index.html
auth_basic " Basic Authentication "
auth_basic_user_file " /etc/nginx/.htpasswd"
}
}
Now create htpasswd for that make sure you have httpd-tools installed on your machine
[root@linuxhelp conf.d]# rpm -qa | grep httpd-tools
httpd-tools-2.4.6-67.el7.centos.6.x86_64
Else you can install it by running following command
[root@linuxhelp conf.d]# yum install httpd-tools Creating password [root@linuxhelp conf.d]# cd [root@linuxhelp ~]# cd /etc/nginx/ [root@linuxhelp nginx]# htpasswd -c /etc/nginx/.htpasswd admin New password: Re-type new password: Adding password for user admin
after making changes restart your nginx service to make the changes effect
[root@linuxhelp nginx]# systemctl restart nginx
Now let' s access the Web browser http://www.linuxhelp1.com
As you can see from the below output, it requires authentication for accessing the admin page
with this, the method to configure Basic Authentication in Nginx comes to an end.
you want to compile in 3rd party modules not included in NGINX Plus Extras, or you want to create your own custom modules;
you want to maintain your own packages and security fixes;
you are working in an environment where you don’t require support.