S Karthik

Securing Your Application with HTTP Basic Authentication in Nginx

Introduction

In this guide, we’ll walk you through setting up HTTP Basic Authentication for your application using Nginx. This will help you add an extra layer of security by requiring a username and password to access your application.

Setup Instructions

Step 1: Install Apache Utilities
First, we need to install apache2-utils, which provides the htpasswd utility for creating password files. I’m using an Ubuntu machine, so I have installed apache2-utils using the following commands.

sudo apt update
sudo apt install apache2-utils

Step 2: Create the Password File
Next, we’ll create a password file that Nginx will use to authenticate users. We’ll store this file in /etc/apache2/.htpasswd.

sudo htpasswd -c /etc/apache2/.htpasswd yourusername

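Replace yourusername with the username you want to use. You'll be prompted to enter and confirm a password. The -c flag creates the file and overwrites it if it already exists, so omit -c when adding further users to the same file.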

Step 3: Configure Nginx
Now, we need to modify the Nginx configuration to use this password file. Open your Nginx configuration file at /etc/nginx/sites-available/yourconfigfile and add the following server block:

server {
    listen 80;
    server_name yourdomain.com;

    location / {
        proxy_pass http://localhost:YOUR_APPLICATION_PORT;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        auth_basic "Restricted Access";
        auth_basic_user_file /etc/apache2/.htpasswd;
    }
}

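Replace yourdomain.com with your actual domain name and YOUR_APPLICATION_PORT with the port your application is running on. This configuration tells Nginx to forward requests to your application and to require basic authentication against the credentials stored in /etc/apache2/.htpasswd. Because this server block listens on port 80 (plain HTTP), the username and password travel base64-encoded but unencrypted on every request, so serve the site over HTTPS before relying on this for anything sensitive.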

Step 4: Enable the Configuration
Create a symbolic link from your configuration file in sites-available to sites-enabled to enable it in Nginx.

sudo ln -s /etc/nginx/sites-available/yourconfigfile /etc/nginx/sites-enabled/

Replace yourconfigfile with the name of your Nginx configuration file.

Step 5: Test the Nginx Configuration
Before restarting Nginx, it’s a good idea to test the configuration to ensure there are no syntax errors.

sudo nginx -t

Step 6: Restart Nginx
Finally, restart Nginx to apply the new configuration.

sudo systemctl restart nginx

Conclusion
Your application is now protected with HTTP Basic Authentication. When users attempt to access your site, they will be prompted to enter the username and password you configured. This added layer of security helps protect your application from unauthorized access.
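
Basic authentication protects the credentials only as well as the transport does: the Authorization header is plain base64, and the Step 3 block listens on port 80. The Python below is an added example, not part of the original post: it decodes a constructed header to show that the password is recoverable, and audits an Nginx config for server blocks that enable auth_basic on a listener without ssl. It assumes auth_basic is declared inside the server block and that no braces appear inside quoted strings; the function names and sample values are illustrative.

```python
import base64
import re

# Constructed sample: the Step 3 server block from this guide (proxy headers omitted).
HTTP_ONLY = """
server {
    listen 80;
    server_name yourdomain.com;
    location / {
        proxy_pass http://localhost:YOUR_APPLICATION_PORT;
        auth_basic "Restricted Access";
        auth_basic_user_file /etc/apache2/.htpasswd;
    }
}
"""
WITH_TLS = HTTP_ONLY.replace("listen 80;", "listen 443 ssl;")  # constructed TLS variant

def decode_basic(header_value):
    """Recover (user, password) from an Authorization header value."""
    scheme, _, token = header_value.partition(" ")
    if scheme.lower() != "basic":
        raise ValueError("not a Basic credential")
    user, _, password = base64.b64decode(token).decode("utf-8").partition(":")
    return user, password

def server_blocks(conf):
    """Yield the body of each server { ... } block, with comments stripped."""
    conf = re.sub(r"#[^\n]*", "", conf)
    for m in re.finditer(r"\bserver\s*\{", conf):
        depth, i = 1, m.end()
        while depth and i < len(conf):
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield conf[m.end():i - 1]

def cleartext_basic_auth(conf):
    """Return the server_name of blocks that use auth_basic on a non-TLS listener."""
    findings = []
    for block in server_blocks(conf):
        listens = re.findall(r"\blisten\s+([^;]+);", block)
        # No listen directive means Nginx falls back to plain port 80.
        plaintext = not listens or any("ssl" not in l.split() for l in listens)
        uses_auth = re.search(r"\bauth_basic\s+(?!\s*off\s*;)[^;]+;", block)
        if uses_auth and plaintext:
            name = re.search(r"\bserver_name\s+([^;]+);", block)
            findings.append(name.group(1).strip() if name else "(unnamed)")
    return findings

if __name__ == "__main__":
    print(decode_basic("Basic dXNlcjpwYXNz"), cleartext_basic_auth(HTTP_ONLY))
```

Run the audit function over the contents of the file edited in Step 3; an empty list means every block that enables auth_basic listens only with ssl.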
