Set up Password Authentication with NGINX

Learn how to set up a basic HTTP authentication system. This will allow you to password protect particular directories on your website, so that they can only be accessed after logging in with a username and password.

This form of password protection is a fast and easy way to provide a basic level of security via access authorization to a website.

Requirements

  • A server running Linux (Ubuntu 16.04 or CentOS 7)
  • NGINX installed and running.
Free Cloud Server Trial
Try our cloud hosting free for 30 days

Thanks to free starting credit, you can test the IONOS cloud server for 1 month free of charge (or until the credit is used up) and experience the perfect combination of performance and security!

Create the Password File with OpenSSH

Your server will most likely already have OpenSSH installed. If not, you can install it with the commands:

 CentOS 7:

sudo yum install openssh openssh-server openssh-clients openssl-libs

Ubuntu 16.04:

sudo apt-get install openssh-server

Use the following command to create a file named .htpasswd in the /etc/nginx directory:

sudo sh -c "echo -n '[username]:' >> /etc/nginx/.htpasswd"

For example, to add the user jdoe the command is:

sudo sh -c "echo -n 'jdoe:' >> /etc/nginx/.htpasswd"

Then add a password for this user with the command:

sudo sh -c "openssl passwd -apr1 >> /etc/nginx/.htpasswd"

You will be prompted to enter the password twice to confirm it.

Domain Transfer
Transfer your domain and get more
  • Packed with great features
  • Easy — transfer from any provider
  • No transfer fee

Set Up Password Authentication in NGINX

The next step is to add the password authentication directives to the NGINX configuration file for the domain on which you are installing Joomla.

In most cases, the domain's configuration file will be located in /etc/nginx/conf.d on CentoS 7, and /etc/nginx/sites-available on Ubuntu 16.04.

Edit this file:

CentOS 7:

sudo nano /etc/nginx/conf.d/example.com.conf

Ubuntu 16.04:

sudo nano /etc/nginx/sites-available/example.com.conf

You will add the following lines to this file:

auth_basic "Password Required";
    auth_basic_user_file /etc/nginx/.htpasswd;
Note

These two directives will provide a basic password restriction to the specified directory. NGINX offers many ways you can set up password protection for various files and directories, including the ability to filter by file type. If you want to set up a more complicated system for password-protection, consult the official NGINX documentation for more details.

To protect the entire site, put the directives inside the existing location / command block. If no command block exists, add one:

location / {
    auth_basic "Password Required";
    auth_basic_user_file /etc/nginx/.htpasswd;
}

If you wish to password-protect a sub-directory, specify that directory instead:

location /admin {
    auth_basic "Password Required";
    auth_basic_user_file /etc/nginx/.htpasswd;
}

Be sure to add this location block inside the server block. For example, if your configuration file looks like this:

server {
    listen       80;
    server_name  example.com;
    root /usr/share/nginx/example.com/html/;
    index index.php index.html index.htm;
}

After adding the new section, it will look like this:

server {
        listen             80;
        server_name    example.com;
        root /usr/share/nginx/example.com/html/;
        index index.php index.html index.htm;
location / {
        auth_basic "Password Required";
        auth_basic_user_file /etc/nginx/.htpasswd;
    }
}

Save and exit the file, then restart NGINX:

sudo nginx -s reload

To test the configuration, visit the URL in a browser. If the configuration is set up correctly, you will see a pop-up message asking you to enter the username and password.

Be secure. Buy an SSL certificate.
  • Secures data transfers
  • Avoids browser warnings
  • Improves your Google ranking

SSL Certificate Checker

SSL Certificate Checker
Was this article helpful?
We use cookies on our website to provide you with the best possible user experience. By continuing to use our website or services, you agree to their use. More Information.
Page top