
How to configure Auth Basic NGINX

14.03.2021, 22:14

You may never have given much thought to what Auth Basic is, but you have certainly encountered it when opening your router's settings. It is the mechanism for authorization by username and password at the web server level. Both Apache and Nginx support it. This guide shows how to configure Auth Basic for a specific route or a specific site.

Configuring Auth Basic in NGINX

This is what the Auth Basic authorization window looks like:

[Image: Basic Auth authorization window]

That should make clear what this guide covers. Authorization can be configured for a specific URL, for a whole site, or for all sites. The first step is to create a file with the list of users and passwords, using the htpasswd utility. The command syntax is as follows:

$ sudo htpasswd -c /path/to/file username

Here the -c option creates a new file. Do not use it when editing a previously created file, because -c overwrites the existing file. For example:

$ sudo htpasswd -c /etc/nginx/auth.basic admin


The program prompts for the password twice. For security, the password is not displayed as you type, but it is still being entered. Once the file has been created, you can move on to configuring Nginx.

To password-protect all resources, add the following directives to the http section of the /etc/nginx/nginx.conf file:

auth_basic "Restricted area";
auth_basic_user_file /etc/nginx/auth.basic;


To protect a specific page address (URL), you need to add a directive to the corresponding location block. This could be /wp-admin/admin-ajax.php:

location /wp-admin/admin-ajax.php {
    auth_basic "Restricted area";
    auth_basic_user_file /etc/nginx/auth.basic;
}


If the site runs on WordPress, it is best to place the directives in the location / block. All the rules described above will still work, and the site is protected as well. If you need to allow access without a password for a specific location, use the directive auth_basic "off":

location /wp-admin/admin-ajax.php {
    auth_basic "off";
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_pass 127.0.0.1:9002;
    fastcgi_index index.php;
    include /etc/nginx/fastcgi_params;
}


PHP processing will need to be added to the location block, otherwise the user will be prompted to download the script they are accessing.

Thus, setting up access in Nginx is not very difficult. You just need to configure the location block correctly.
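
A check worth running on the password file created with htpasswd above, added here as an example (it is not part of the original article): a bash function that flags a world-readable file and entries stored with schemes the Nginx documentation says should not be used (PLAIN, unsalted SHA) or with DES crypt. The function names and the sample entries are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: audit an htpasswd-style file such as /etc/nginx/auth.basic.

# classify_hash HASH -> "<scheme> <ok|weak>"
classify_hash() {
  case "$1" in
    '')                echo "empty weak" ;;
    '$apr1$'*)         echo "apr1-md5 ok" ;;          # htpasswd default
    '$2'[aby]'$'*)     echo "bcrypt ok" ;;            # htpasswd -B
    '$5$'*|'$6$'*)     echo "sha-crypt ok" ;;
    '{SSHA}'*)         echo "salted-sha1 ok" ;;
    '{SHA}'*)          echo "unsalted-sha1 weak" ;;   # htpasswd -s
    '{PLAIN}'*)        echo "plaintext weak" ;;
    *) if [ "${#1}" -eq 13 ]; then echo "des-crypt weak"   # htpasswd -d
       else echo "unknown weak"; fi ;;
  esac
}

# audit_htpasswd FILE -> one line per finding; returns 1 if anything is flagged
audit_htpasswd() {
  local file=$1 rc=0 user hash verdict
  # A world-readable file exposes every hash to all local accounts.
  if [ -n "$(find "$file" -perm -004)" ]; then
    echo "FILE world-readable"; rc=1
  fi
  while IFS=: read -r user hash _ || [ -n "$user" ]; do
    case "$user" in ''|'#'*) continue ;; esac   # skip blanks and comments
    verdict=$(classify_hash "$hash")
    echo "$user $verdict"
    case "$verdict" in *' weak') rc=1 ;; esac
  done < "$file"
  return "$rc"
}

# Constructed sample entries (not real credentials or hashes).
write_sample() {
  cat > "$1" <<'EOF'
admin:$apr1$CONSTRUC$constructedSampleHash0
backup:{SHA}constructedSampleOnly=
legacy:XXconstructed
EOF
}

# With a path argument, audit that file; the status reflects the findings.
if [ "$#" -gt 0 ]; then audit_htpasswd "$1"; fi
```

If the file is reported as world-readable, restrict it to root and the group the Nginx worker processes run as (the group name varies by distribution), since the workers still need to read it.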