Nginx Password Protect Web Directory<\/p>\n<\/div>\n In this tutorial, we are going to show you a simple, but effective technique how to\u00a0password protected web directory when running Nginx as web server.<\/p>\n In case you are using Apache web server, you can check our guide for password protecting a web directory:<\/p>\n To complete the steps in this tutorial, you will need to have:<\/p>\n 1.<\/strong>\u00a0To password protect our web directory, we will need to create the file that will contain our encrypted\u00a0username<\/strong>\u00a0and\u00a0password<\/strong>.<\/p>\n When using\u00a0Apache<\/strong>, you can use the \u201chtpasswd<\/strong>\u201d utility. If you have that utility installed on your system, you can use this command to generate the password file:<\/p>\n When running this command, you will be asked to set a password for the above user and after that the\u00a0.htpasswd<\/strong>\u00a0file will be created in the specified directory.<\/p>\n htpasswd: Create Nginx User Password File<\/p>\n<\/div>\n 2.<\/strong>\u00a0If you don\u2019t have that tool installed, you can create the\u00a0.htpasswd<\/strong>\u00a0file manually. The file should have the following syntax:<\/p>\n The\u00a0username<\/strong>\u00a0that you will use depends on you, choose whatever you like.<\/p>\n The more important part is the way that you will generate the password for that user.<\/p>\n 3.<\/strong>\u00a0To generate the password,\u00a0use Perl\u2019s integrated\u00a0\u201ccrypt\u201d<\/strong>\u00a0function.<\/p>\n Here is an example of that command:<\/p>\n A real life example:<\/p>\n Generate Encrypted Pasword<\/p>\n<\/div>\n Now open a file and put your username and the generated in string it, separated with semicolon.<\/p>\n Here is how:<\/p>\n Put your username and password. In my case it looks like this:<\/p>\n Save the file by hitting\u00a0\u201cEsc\u201d<\/strong>\u00a0followed by\u00a0\u201c:wq\u201d<\/strong>.<\/p>\n Add Encrypted Password to htpasswd<\/p>\n<\/div>\n 4.<\/strong>\u00a0Now open and edit the Nginx configuration file associated with the site you are working on. In our case we will use the default file at:<\/p>\n In our example, we will password protect the directory root for nginx, which is:\u00a0 5.<\/strong>\u00a0Now add the following two lines section under the path you wish to protect.<\/p>\n Password Protect Nginx Directory<\/p>\n<\/div>\n Now save the file and restart Nginx with:<\/p>\n 6.<\/strong>\u00a0Now\u00a0copy\/paste that IP address in your browser and you should be asked for password:<\/p>\n Nginx Password Protect Login<\/p>\n<\/div>\n That\u2019s it! Your main web directory is now protected. When you want to remove the password protection on the site, simply remove the two lines that you just added to\u00a0.htpasswd<\/strong>\u00a0file or use the following command to remove the added user from a password file.<\/p>\n![\"Nginx](\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2015\/11\/Nginx-Password-Protect-Website.png\")
<\/a><\/p>\n\n
Requirements<\/h4>\n
\n
Step 1: Create User and Password<\/h3>\n
# htpasswd -c \/path\/to\/file\/.htpasswd username\r\n<\/pre>\n
<\/a><\/p>\nusername:encrypted-password:comment<\/pre>\n
Step 2: Generate Encrypted Password<\/h3>\n
# perl -le 'print crypt(\"your-password\", \"salt-hash\")'\r\n<\/pre>\n
# perl -le 'print crypt(\"#12Dfsaa$fa\", \"1xzcq\")'\r\n<\/pre>\n
<\/a><\/p>\n# vi \/home\/tecmint\/.htpasswd\r\n<\/pre>\n
tecmint:1xV2Rdw7Q6MK.\r\n<\/pre>\n
<\/a><\/p>\nStep 3: Update Nginx Configuration<\/h3>\n
# vi \/etc\/nginx\/conf.d\/default.conf [For CentOS<\/strong> based systems]\r\nOR\r\n# vi \/etc\/nginx\/nginx.conf [For CentOS<\/strong> based systems]\r\n\r\n\r\n# vi \/etc\/nginx\/sites-enabled\/default [For Debian<\/strong> based systems]\r\n<\/pre>\n
\/usr\/share\/nginx\/html<\/code>.<\/p>\nauth_basic \"Administrator Login\";\r\nauth_basic_user_file \/home\/tecmint\/.htpasswd;\r\n<\/pre>\n
<\/a><\/p>\n# systemctl restart nginx\r\nOR\r\n# service nginx restart\r\n<\/pre>\n
<\/a><\/p>\n# htpasswd -D \/path\/to\/file\/.htpasswd username<\/pre>\n