Restricting Access with HTTP Basic Authentication

Configuring Nginx

Restricting Access with HTTP Basic Authentication

by John Vincent


Posted on August 12, 2019


This document discusses configuring Nginx to restrict Access with HTTP Basic Authentication www.johnvincent.io website.

For extensive discussions regarding www.johnvincent.io, please see Overview of johnvincent.io website

Configuring Nginx to implement HTTP Basic Authentication

The goal is to password protect certain folders and pages.

Excellent references

Install Apache Utilities

sudo apt-get update
sudo apt-get install apache2-utils

Create Password File

Add a username

cd
cd tmp
sudo htpasswd -c /etc/nginx/.htpasswd jv

Add encrypted password

sudo sh -c "openssl passwd -apr1 >> /etc/nginx/.htpasswd"

Configuring Nginx

cd /etc/nginx/sites-available/https
sudo vi johnvincent.io

Add

location /interview {
    auth_basic           “Private Area”;
    auth_basic_user_file /etc/nginx/.htpasswd; 
}

Restart Nginx

nginx-restart

Remove from Site Map

Password protected pages need to be removed from the site map to prevent issues with Google Search. For details, see Google Coverage Issues

Problems

If get 401 Authorization Required and no sign in form

  • Try another browser
  • Open Devtools and re-try

Even then, may be necessary to refresh and re-try.

Building and deploying React Github Helper App to johnvincent.ioMailgun