DEV Community

S Karthik

Securing Your Application with HTTP Basic Authentication in Nginx

Introduction

In this guide, we’ll walk you through setting up HTTP Basic Authentication for your application using Nginx. This will help you add an extra layer of security by requiring a username and password to access your application.

Setup Instructions

Step 1: Install Apache Utilities
First, we need to install apache2-utils, which provides the htpasswd utility for creating password files. I’m using an Ubuntu machine, so I have installed apache2-utils using the following commands.

sudo apt update
sudo apt install apache2-utils

Step 2: Create the Password File
Next, we’ll create a password file that Nginx will use to authenticate users. We’ll store this file in /etc/apache2/.htpasswd.

sudo htpasswd -c /etc/apache2/.htpasswd yourusername

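Replace yourusername with the username you want to use. You'll be prompted to enter and confirm a password. The -c flag creates the file and overwrites an existing one, so omit it when you add more users to the same file later.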

Step 3: Configure Nginx
Now, we need to modify the Nginx configuration to use this password file. Open your Nginx configuration file at /etc/nginx/sites-available/yourconfigfile and add the following server block:

server {
    listen 80;
    server_name yourdomain.com;

    location / {
        proxy_pass http://localhost:YOUR_APPLICATION_PORT;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        auth_basic "Restricted Access";
        auth_basic_user_file /etc/apache2/.htpasswd;
    }
}

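Replace yourdomain.com with your actual domain name and YOUR_APPLICATION_PORT with the port your application is running on. This configuration tells Nginx to forward requests to your application and to use basic authentication with the credentials stored in /etc/apache2/.htpasswd. Note that this server block listens on plain HTTP (port 80), and Basic Authentication sends the username and password only base64-encoded, not encrypted, so serve the site over HTTPS to keep the credentials from crossing the network in readable form.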

Step 4: Enable the Configuration
Create a symbolic link from your configuration file in sites-available to sites-enabled to enable it in Nginx.

sudo ln -s /etc/nginx/sites-available/yourconfigfile /etc/nginx/sites-enabled/

Replace yourconfigfile with the name of your Nginx configuration file.

Step 5: Test the Nginx Configuration
Before restarting Nginx, it’s a good idea to test the configuration to ensure there are no syntax errors.

sudo nginx -t

Step 6: Restart Nginx
Finally, restart Nginx to apply the new configuration.

sudo systemctl restart nginx

Conclusion
Your application is now protected with HTTP Basic Authentication. When users attempt to access your site, they will be prompted to enter the username and password you configured. This added layer of security helps protect your application from unauthorized access.
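
To see which hashing scheme the password file from Step 2 actually contains, the following shell function classifies each entry by its hash prefix. It is an added example, not part of the original post; the function names, the strong/legacy/weak ratings and the sample entries (constructed placeholders, not real hashes) are assumptions of this example.

```sh
#!/bin/sh
# Added example: list the hash scheme of each entry in an htpasswd file.
# The strong/legacy/weak ratings are this example's own judgement.

audit_htpasswd() {
    # $1: htpasswd-format file. Prints "user scheme rating" for each entry.
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            ''|'#'*) continue ;;          # blank line or comment
            *:*) ;;                       # looks like user:hash
            *) continue ;;                # no colon: not an entry
        esac
        user=${line%%:*}
        hash=${line#*:}
        case "$hash" in
            '$2y$'*|'$2a$'*|'$2b$'*) scheme=bcrypt;         rating=strong ;;
            '$6$'*)                  scheme=sha512-crypt;   rating=strong ;;
            '$apr1$'*)               scheme=apr1-md5;       rating=legacy ;;
            '{SSHA}'*)               scheme=sha1-salted;    rating=weak ;;
            '{SHA}'*)                scheme=sha1-unsalted;  rating=weak ;;
            '{PLAIN}'*)              scheme=plaintext;      rating=weak ;;
            *)                       scheme=des-or-unknown; rating=weak ;;
        esac
        printf '%s %s %s\n' "$user" "$scheme" "$rating"
    done < "$1"
}

count_not_strong() {
    # Number of entries whose rating is anything other than "strong".
    audit_htpasswd "$1" | awk '$3 != "strong" { n++ } END { print n + 0 }'
}

# Constructed sample file; the hash strings are placeholders, not real hashes.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
# constructed entries
alice:$2y$05$PLACEHOLDERPLACEHOLDERPLACEHOLDER
bob:$apr1$PLACEHLD$PLACEHOLDERPLACEHOLDER
carol:{SHA}PLACEHOLDERPLACEHOLDER=
dave:{PLAIN}placeholder
EOF

audit_htpasswd "$SAMPLE"
echo "entries to re-hash: $(count_not_strong "$SAMPLE")"
```

Entries rated legacy or weak can be re-created with htpasswd -B, which selects bcrypt. Whether Nginx can verify bcrypt entries depends on the system's crypt() library, so test a login after switching.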
