In this tutorial, we will show you how to protect a directory with a password on Nginx. For those of you who didn’t know, unlike Apache, Nginx does not have any .htaccess file. Password protection is achieved by using the Nginx HttpAuthBasic module directives in the configuration file. For future reference, I will show you steps to protect the directory with a password on Nginx.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step Protect Directory With Password on Nginx.
Prerequisites
- A server running one of the following operating systems: Debian-based or RHEL-based
- SSH access to the server (or just open Terminal if you’re on a desktop).
- An active internet connection. You’ll need an internet connection to download the necessary packages and dependencies for Nginx.
- A
non-root sudo useror access to theroot user. We recommend acting as anon-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.
Protect Directory With Password on Nginx
Step 1. The first step is to update your system to the latest version of the package list. To do so, run the following commands:
sudo dnf check-update sudo dnf install httpd-tools
Step 2. Installing Nginx.
Nginx is available in the official Rocky Linux or RHEL-based repository and can be easily installed using the dnf package manager. To install Nginx, run the following command:
sudo dnf install nginx
Once the installation is complete, start the Nginx service and enable it to start automatically on boot by running the following commands:
sudo systemctl start nginx sudo systemctl enable nginx
For additional resources on installing Nginx, read the post below:
Step 3. Configuration Nginx File.
Run the following command to open the Nginx server configuration file:
nano /etc/nginx/nginx.conf
Add the following line:
location / {
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/htpasswd;
}
Step 4. Configure Password Protect Nginx.
Once the htpasswd the tool is installed, now create the htpasswd file, notice that the file is /etc/nginx/htpasswd. This means you need to use htpasswd to create that file:
htpasswd -c /etc/nginx/htpasswd yourusername New password: Re-type new password: Adding password for user yourusername
Save and close the file, then restart Nginx to take change effect:
sudo systemctl restart nginx
Step 5. Verify Nginx Basic Authentication.
Now when you visit your directory or domain, you will be asked to enter a username and password that you chose beforehand. You should see an authentication screen like the one below.
Congratulations! You have successfully protected the directory on Nginx. Thanks for using this tutorial to protect the directory with passwords on the Nginx system. For additional help or useful information, we recommend you check the official Nginx website.
