Securing Your Application with HTTP Basic Authentication in Nginx

Introduction

In this guide, we’ll walk you through setting up HTTP Basic Authentication for your application using Nginx. This will help you add an extra layer of security by requiring a username and password to access your application.


This content originally appeared on DEV Community and was authored by S Karthik

Introduction

In this guide, we’ll walk you through setting up HTTP Basic Authentication for your application using Nginx. This will help you add an extra layer of security by requiring a username and password to access your application.

Setup Instructions

Step 1: Install Apache Utilities
First, we need to install apache2-utils, which provides the htpasswd utility for creating password files. I’m using an Ubuntu machine, so I have installed apache2-utils using the following commands.

sudo apt update
sudo apt install apache2-utils

Step 2: Create the Password File
Next, we’ll create a password file that Nginx will use to authenticate users. We’ll store this file in /etc/apache2/.htpasswd.

sudo htpasswd -c /etc/apache2/.htpasswd yourusername

Replace yourusername with the username you want to use. You'll be prompted to enter and confirm a password.

Step 3: Configure Nginx
Now, we need to modify the Nginx configuration to use this password file. Open your Nginx configuration file at /etc/nginx/sites-available/yourconfigfile

server {
    listen 80;
    server_name yourdomain.com;

    location / {
        proxy_pass http://localhost:YOUR_APPLICATION_PORT;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        auth_basic "Restricted Access";
        auth_basic_user_file /etc/apache2/.htpasswd;
    }
}

Replace yourdomain.com with your actual domain name and YOUR_APPLICATION_PORT with the port your application is running on. This configuration tells Nginx to forward requests to your application and to use basic authentication with the credentials stored in /etc/apache2/.htpasswd.

Step 4: Enable the Configuration
Create a symbolic link from your configuration file in sites-available to sites-enabled to enable it in Nginx.

sudo ln -s /etc/nginx/sites-available/yourconfigfile /etc/nginx/sites-enabled/

Replace yourconfigfile with the name of your Nginx configuration file.

Step 5: Test the Nginx Configuration
Before restarting Nginx, it’s a good idea to test the configuration to ensure there are no syntax errors.

sudo nginx -t

Step 6: Restart Nginx
Finally, restart Nginx to apply the new configuration.

sudo systemctl restart nginx

Conclusion
Your application is now protected with HTTP Basic Authentication. When users attempt to access your site, they will be prompted to enter the username and password you configured. This added layer of security helps protect your application from unauthorized access.


This content originally appeared on DEV Community and was authored by S Karthik


Print Share Comment Cite Upload Translate Updates
APA

S Karthik | Sciencx (2024-06-22T09:01:59+00:00) Securing Your Application with HTTP Basic Authentication in Nginx. Retrieved from https://www.scien.cx/2024/06/22/securing-your-application-with-http-basic-authentication-in-nginx/

MLA
" » Securing Your Application with HTTP Basic Authentication in Nginx." S Karthik | Sciencx - Saturday June 22, 2024, https://www.scien.cx/2024/06/22/securing-your-application-with-http-basic-authentication-in-nginx/
HARVARD
S Karthik | Sciencx Saturday June 22, 2024 » Securing Your Application with HTTP Basic Authentication in Nginx., viewed ,<https://www.scien.cx/2024/06/22/securing-your-application-with-http-basic-authentication-in-nginx/>
VANCOUVER
S Karthik | Sciencx - » Securing Your Application with HTTP Basic Authentication in Nginx. [Internet]. [Accessed ]. Available from: https://www.scien.cx/2024/06/22/securing-your-application-with-http-basic-authentication-in-nginx/
CHICAGO
" » Securing Your Application with HTTP Basic Authentication in Nginx." S Karthik | Sciencx - Accessed . https://www.scien.cx/2024/06/22/securing-your-application-with-http-basic-authentication-in-nginx/
IEEE
" » Securing Your Application with HTTP Basic Authentication in Nginx." S Karthik | Sciencx [Online]. Available: https://www.scien.cx/2024/06/22/securing-your-application-with-http-basic-authentication-in-nginx/. [Accessed: ]
rf:citation
» Securing Your Application with HTTP Basic Authentication in Nginx | S Karthik | Sciencx | https://www.scien.cx/2024/06/22/securing-your-application-with-http-basic-authentication-in-nginx/ |

Please log in to upload a file.




There are no updates yet.
Click the Upload button above to add an update.

You must be logged in to translate posts. Please log in or register.