How to configure Basic Authentication in Nginx using centos

To configure Basic Authentication in Nginx using centos

A Web server contains various domains which are accessible by the public on the internet and there are some pages which are confidential so that page requires user' s authentication. Say for example my domain is linuxhelp1.com and linuxhelp1.com/admin requires user' s authentication which is admin credentials When a client sends a GET request for /admin page the admin page automatically responds with 401 authentications required format along with the type of authentication which is mentioned in a family. The request contains the username and password which is basically encoded with base64 encoding and sent to the client.

Configuration

Here is my nginx instance is running on the web server

[root@linuxhelp ~]# systemctl status nginx
● nginx.service - The nginx HTTP and reverse proxy server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service  enabled  vendor preset: disabled)
   Active: active (running) since Wed 2018-02-21 17:20:03 IST  9min ago
  Process: 9513 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
  Process: 9510 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
  Process: 9509 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
 Main PID: 9516 (nginx)
   CGroup: /system.slice/nginx.service
           ├─9516 nginx: master process /usr/sbin/nginx
           └─9517 nginx: worker process

Feb 21 17:20:03 www.linuxhelp1.com systemd[1]: Starting The nginx HTTP and reverse proxy server...
Feb 21 17:20:03 www.linuxhelp1.com nginx[9510]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
Feb 21 17:20:03 www.linuxhelp1.com nginx[9510]: nginx: configuration file /etc/nginx/nginx.conf test is successful
Feb 21 17:20:03 www.linuxhelp1.com systemd[1]: Failed to read PID from file /run/nginx.pid: Invalid argument
Feb 21 17:20:03 www.linuxhelp1.com systemd[1]: Started The nginx HTTP and reverse proxy server.

Let' s take a look at the configuration file before configuring authentication 

[root@linuxhelp ~]# cd /etc/nginx/conf.d/    

server {

server_name www.linuxhelp1.com 

   location / {
   root /usr/share/nginx/html 
   }
location /admin {
   root /usr/share/nginx/html 
    index  index.html 
 
   }
}
[root@linuxhelp ~]# cd /usr/share/nginx/html/
[root@linuxhelp html]# ls -l
total 20
-rw-r--r--. 1 root root 3650 Oct 18 13:38 404.html
-rw-r--r--. 1 root root 3693 Oct 18 13:38 50x.html
drwxr-xr-x. 2 root root   23 Feb 21 16:54 admin
-rw-r--r--. 1 root root 3700 Oct 18 13:38 index.html
-rw-r--r--. 1 root root  368 Oct 18 13:38 nginx-logo.png
-rw-r--r--. 1 root root 2811 Oct 18 13:38 poweredby.png
[root@linuxhelp html]# cd admin
[root@linuxhelp admin]# vim index.html
< h1> 
This is the secret admin page
< /h1>

Access the browser http://www.linuxhelp1.com and check the output

Restart your nginx service

[root@linuxhelp ~]# systemctl restart nginx

Let' s configure file location for providing authentication

[root@linuxhelp ~]# cd /etc/nginx/conf.d/    

server {

server_name www.linuxhelp1.com 

   location / {
   root /usr/share/nginx/html 
   }
location /admin {
   root /usr/share/nginx/html 
    index  index.html 
 auth_basic "  Basic Authentication "   
    auth_basic_user_file " /etc/nginx/.htpasswd"  
   }
}

Now create htpasswd for that make sure you have httpd-tools installed on your machine

[root@linuxhelp conf.d]# rpm -qa | grep httpd-tools
httpd-tools-2.4.6-67.el7.centos.6.x86_64

Else you can install it by running following command

[root@linuxhelp conf.d]# yum install httpd-tools
Creating password
[root@linuxhelp conf.d]# cd
[root@linuxhelp ~]# cd /etc/nginx/
[root@linuxhelp nginx]# htpasswd -c /etc/nginx/.htpasswd admin
New password:
Re-type new password: 
Adding password for user admin

after making changes restart your nginx service to make the changes effect

[root@linuxhelp nginx]# systemctl restart nginx

Now let' s access the Web browser http://www.linuxhelp1.com

As you can see from the below output, it requires authentication for accessing the admin page


with this, the method to configure Basic Authentication in Nginx comes to an end.

Tag : Nginx Authentication
FAQ
Q
Can we leave everything as-is after we successfully do a trial of NGINX Plus and have purchased subscriptions, or will we need to re-install/re-deploy NGINX Plus?
A
You don’t have to re-install anything. You must replace the evaluation certificate with the production certificate or else the evaluation install of NGINX Plus will fail to start once the evaluation certificate has expired. You can get your production certificate from the NGINX Plus Customer Portal. Copy it to the /etc/ssl/nginx directory, replacing the evaluation certificate.
Q
What is NGINX Plus and how is it different from NGINX open source?
A
Get the information of NGINX Plus and how is it different from NGINX open source as "https://www.nginx.com/products/nginx/#compare-versions"
Q
When should I use NGINX open source?
A
you want to view or edit the source code;
you want to compile in 3rd party modules not included in NGINX Plus Extras, or you want to create your own custom modules;
you want to maintain your own packages and security fixes;
you are working in an environment where you don’t require support.
Q
Is NGINX Plus a software package or a “virtual appliance” (an image of a virtual machine for ESX/Xen/etc.)?
A
NGINX Plus is the same compact, the software-only package for any supported Linux based system as NGINX open source. Packaged virtual appliances are available for Amazon AWS, and it is possible to deploy NGINX Plus within chroot jails, linux containers and your own virtual machine.
Q
How do I obtain NGINX Plus from the repository?
A
For obtain NGINX Plus from the repository"https://cs.nginx.com/repo_setup?_ga=2.253467521.929972702.1539580057-1980153321.1539580057"