banner
moeyy

moeyy

一条有远大理想的咸鱼。
github
mastodon
email
HomeArchivesNextJS BlogApps

Add user authentication configuration to the website using Nginx (Basic HTTP authentication)

77
AI Translation
This post is translated from Chinese into English through AI.View Original
AI-generated summary
The document provides a tutorial on configuring Basic HTTP authentication for a website using Nginx. It explains how to restrict access to web content by requiring users to enter a valid username and password. The steps include: 1. **Generating an Authentication File**: Use the `openssl` command to create a password file with a specified username and password. 2. **Configuring the Nginx Server**: Modify the Nginx configuration file to include authentication directives, ensuring the correct path to the authentication file is specified. 3. **Restarting Nginx**: Restart the Nginx service to apply the changes. Additionally, it describes how to create an htpasswd file using a script for directory-specific authentication and how to adjust configurations to allow PHP parsing in protected directories. Finally, it emphasizes testing the configuration for errors before reloading Nginx.

Description: The ngx_http_auth_basic_module module allows visitors to access web content only after entering the correct username and password. Some content on the web is not meant to be known by others, but some people should be able to see it. The http auth module of nginx and Apache http auth are both good solutions.

image

Here, we take Jun Ge's LNMP as an example. By default, nginx has already installed the ngx_http_auth_basic_module module.

Nginx Authentication Configuration Example#

1. Generate Authentication File

# printf "test:$(openssl passwd -crypt 123456)\n" >>/home/htpasswd
# cat /home/htpasswd 
test:xyJkVhXGAZ8tM

Note: Here the account is: test, password: 123456, remember the path of the authentication file.

2. Configure Website Conf File

server{
       listen 80;
       server_name  www.moeyy.cn moeyy.cn;
       index index.html index.php;
       root /home/wwwroot/www.moeyy.cn;       
       location /
       {
                auth_basic "Please enter your username and password";
                auth_basic_user_file /home/htpasswd; 
                autoindex on;
       }
}

Note: Be sure to pay attention to the auth_basic_user_file path, otherwise, a 403 error will frequently occur.

3. Restart Nginx

/etc/init.d/nginx restart

Set Access Verification Username and Password for Nginx Directory under LNMP#

Sometimes it is necessary to add access verification for a specified directory like Apache. Generally, htpasswd is used to add it under Apache, and htpasswd is included in apache2-utils. Usually, the LNMP one-click installation package or self-compiled LNMP will not install apache2-utils.

1. Create a htpasswd-like File
Execute the following command:

wget -c https://www.moeyy.cn/usr/down/htpasswd.sh;bash htpasswd.sh

Follow the prompts to enter the username, password, and authentication file name. The script will automatically generate the authentication file. Record the file path returned by the script, e.g., /usr/local/nginx/conf/vpser.net.auth.

2. Add Auth Authentication Configuration for Nginx
Below is an example for the soft directory under a certain domain. Add the following code in the server section of the domain:

location ^~ /soft/
{
auth_basic "Authorized users only";
auth_basic_user_file write the file path returned by the previous script here;
}

Authorized users only is the prompt message, which can be modified to whatever you want it to say; the path after auth_basic_user_file needs to be filled with the file path returned by the htpasswd.sh script. After modifying the configuration as prompted above, restart nginx, and accessing http://yourdomainname/soft/ will prompt for a username and password.

Note: After adding authentication, PHP in that directory will not be parsed and will prompt for download. If you want PHP to be parsed, you can change the above configuration to:

location ^~ /soft/ {
    location ~ .*\.(phpphp5)?$ {
        fastcgi_pass unix:/tmp/php-cgi.sock;
        fastcgi_index index.php;
        include fastcgi.conf;
    }
    auth_basic "Authorized users only";
    auth_basic_user_file write the file path returned by the previous script here;
}

This tutorial is suitable for the LNMP one-click installation package or self-installed LNMP, although the directory and configuration file locations may vary.

After setting, execute: /usr/local/nginx/sbin/nginx -t to test if there are any errors in the configuration.
Then execute: /usr/local/nginx/sbin/nginx -s reload to load the configuration file.

Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.