111 lines
6.3 KiB
HTML
111 lines
6.3 KiB
HTML
|
<!DOCTYPE html>
|
|||
|
|
<html lang="en" class="main-background-image">
|
|||
|
|
<head>
|
|||
|
|
<title>Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache | vodoraslo's blog</title>
|
|||
|
|
<link rel="canonical" href="https://vodoraslo.xyz/">
|
|||
|
|
<link rel='alternate' type='application/rss+xml' title="vodoraslo's blog RSS" href='/index.xml'>
|
|||
|
|
<link rel='stylesheet' type='text/css' href='/style.css?v=1.0.0.12'>
|
|||
|
|
<link rel="icon" href="/favicon.ico">
|
|||
|
|
<meta name="description" content="Here’s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system’s (or your vps’) resources for yourself.
|
|||
|
|
The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith’s tutorial and have NGINX running with certbot for certificates.
|
|||
|
|
Create a username and password for authentication (or more than 1 user) First:"/>
|
|||
|
|
<meta name="viewport" content="width=device-width, initial-scale=1">
|
|||
|
|
<meta name="robots" content="index, follow">
|
|||
|
|
<meta charset="utf-8">
|
|||
|
|
</head>
|
|||
|
|
<div class="main-background-image">
|
|||
|
|
<body>
|
|||
|
|
<main>
|
|||
|
|
<header><h1 style="margin-top: 0%; padding-top: 0.5em;" id="tag_Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache">Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache</h1></header>
|
|||
|
|
<hr style="color:var(--strong);background-color: var(--strong); border-color: var(--strong);"><article style="padding: 0% 2.5% 0% 2.5%;">
|
|||
|
|
<div class="breadcrumbs">
|
|||
|
|
|
|||
|
|
<nav><a href="/">vodoraslo</a> / <a href="/articles/">Articles</a> / Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache</nav>
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
<small><em><p style="color: var(--muted_text);">作成日: <time datetime="2024-09-05T17:05:07+03:00" style="color: var(--muted_text);">2024年9月5日 (木)</time>, 最終更新日: <time datetime="2024-09-05T17:05:07+03:00" style="color: var(--muted_text);">2024年9月5日 (木)</time> </p></em></small>
|
|||
|
|
<div class="post-content"><p>Here’s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system’s (<em>or your vps’</em>) resources for yourself.</p>
|
|||
|
|
<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith’s tutorial and have NGINX running with certbot for certificates.</p>
|
|||
|
|
<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)<a hidden class="anchor" aria-hidden="true" href="#create-a-username-and-password-for-authentication-or-more-than-1-user">#</a></h2>
|
|||
|
|
<p>First:</p>
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
<div class="highlight">
|
|||
|
|
|
|||
|
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div>
|
|||
|
|
|
|||
|
|
<p>Then:</p>
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
<div class="highlight">
|
|||
|
|
|
|||
|
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div>
|
|||
|
|
|
|||
|
|
<p>Create a username you wish to authenticate with the following comnmand:</p>
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
<div class="highlight">
|
|||
|
|
|
|||
|
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div>
|
|||
|
|
|
|||
|
|
<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p>
|
|||
|
|
<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p>
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
<div class="highlight">
|
|||
|
|
|
|||
|
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div>
|
|||
|
|
|
|||
|
|
<p>Then provide a new password (the same password can also work but it’s more secure that way).</p>
|
|||
|
|
<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX<a hidden class="anchor" aria-hidden="true" href="#add-the-htpasswd-file-to-nginx">#</a></h2>
|
|||
|
|
<p>Navigate to the NGINX configuration file you wish to protect:</p>
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
<div class="highlight">
|
|||
|
|
|
|||
|
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/<yourFileHere></span></span></code></pre></div>
|
|||
|
|
|
|||
|
|
<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p>
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
<div class="highlight">
|
|||
|
|
|
|||
|
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">"Administrator’s</span> <span style="color:#98c379">Area"</span>;
|
|||
|
|
</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div>
|
|||
|
|
|
|||
|
|
<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p>
|
|||
|
|
|
|||
|
|
<div style="text-align: right;">
|
|||
|
|
|
|||
|
|
</div></div>
|
|||
|
|
|
|||
|
|
<br>
|
|||
|
|
<hr style="color:var(--strong); margin: 0; background-color: var(--strong); border-color: var(--strong);">
|
|||
|
|
<div id="nextprev">
|
|||
|
|
<a href="/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/"><div id="prevart"><i>Previous:</i><br>Block and Filter Spam Requests With User-Agents in Nginx</div></a>
|
|||
|
|
</div>
|
|||
|
|
<div >
|
|||
|
|
</div>
|
|||
|
|
</article>
|
|||
|
|
</main>
|
|||
|
|
|
|||
|
|
<footer style="padding-top: 0.5em;">
|
|||
|
|
|
|||
|
|
<div style="padding-bottom: 0.2em; display: inline-block;"><a href="https://vodoraslo.xyz/articles" title="List of all my articles and writings.">📜 Articles</a> <strong>•</strong> <a href="https://vodoraslo.xyz/library" title="My personal library.">📚 Library</a> <strong>•</strong> <a href="https://wiki.vodoraslo.xyz" title="My personal Wiki page.">🌐 Wiki</a> <strong>•</strong> <a href="https://vodoraslo.xyz/index.xml" title="Subscribe via RSS for updates.">📰 RSS</a><hr></div>
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
<div style="padding-bottom: 0.7em;" class="index-links"><a href="https://vodoraslo.xyz/" title="Return to the homepage.">🏠 Homepage</a></div>
|
|||
|
|
</footer>
|
|||
|
|
|
|||
|
|
</body>
|
|||
|
|
</div>
|
|||
|
|
</html>
|