Install apache2-utils to get the htpasswd tool; 2. Use htpasswd to create a password file and add users; 3. Specify auth_basic and password file paths in the Nginx configuration; 4. Test and overload the Nginx configuration to take effect, and complete access control based on the username and password.
Setting up Nginx basic authentication is a simple and effective way to restrict access to your web content using a username and password. It's commonly used for staging sites, internal tools, or protecting sensitive directories. Here's how to do it step by step:
? 1. Install apache2-utils (for htpasswd )
Even though it's from Apache, the htpasswd tool is widely used to generate password files for HTTP basic auth — including with Nginx.
On Ubuntu/Debian:
sudo apt update sudo apt install apache2-utils
On CentOS/RHEL:
sudo yum install httpd-tools
? 2. Create a Password File and Add a User
Choose a secure location (outside web root) like /etc/nginx/.htpasswd .
To create the first user:
sudo htpasswd -c /etc/nginx/.htpasswd username
-
-ccreates a new file (use only once per file). - You'll be prompted to enter and confirm the password.
To add more users later (omit -c or it will overwrite!):
sudo htpasswd /etc/nginx/.htpasswd anotheruser
The file will look like:
username:$apr1$H6GJZ...etc
? 3. Configure Nginx to Use Basic Auth
Edit your site's Nginx config (usually in /etc/nginx/sites-available/your-site or /etc/nginx/conf.d/your-site.conf ).
Inside the location block you want to protect — for example, the whole site:
server {
listen 80;
server_name example.com;
location / {
auth_basic "Restricted Access";
auth_basic_user_file /etc/nginx/.htpasswd;
# rest of your config (root, index, etc.)
root /var/www/html;
index index.html;
}
}To protect only a specific path:
location /admin/ {
auth_basic "Admin Area";
auth_basic_user_file /etc/nginx/.htpasswd;
}? 4. Test and Reload Nginx
Always test your config before reloading:
sudo nginx -t
If it passes:
sudo systemctl reload nginx
Now, when you visit the protected location, you'll see a browser prompt asking for a username and password.
? Tips
- Keep the
.htpasswdfile outside the web root — never serve it! - Use strong passwords (consider a password manager).
- For production, pair basic auth with HTTPS — credentials are sent in base64 over the wire.
- If you need multiple users with different permissions, basic auth won't help — consider app-level auth instead.
That's it. No plugins, no extra services — just a quick, reliable way to add a password wall.
Basically: generate the file → point Nginx to it → reload. Done.
The above is the detailed content of Setting Up Nginx Basic Authentication. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undress AI Tool
Undress images for free
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Where is the main Nginx configuration file (nginx.conf) located?
Jul 05, 2025 am 12:10 AM
The main Nginx configuration file is usually located in the conf directory under /etc/nginx/nginx.conf (Ubuntu/Debian, CentOS/RHEL), /usr/local/etc/nginx/nginx.conf (macOSHomebrew) or the source code installation path; you can view the loaded configuration path through nginx-t, ps-ef|grepnginx check the path specified by the startup parameters, or use find/-namenginx.conf and locatenginx.conf to quickly find; the configuration file structure includes global settings, events blocks and http blocks, and common site configurations are common.
What causes a 'Too many open files' error in Nginx?
Jul 05, 2025 am 12:14 AM
When Nginx experiences a "Toomyopenfiles" error, it is usually because the system or process has reached the file descriptor limit. Solutions include: 1. Increase the soft and hard limits of Linux system, set the relevant parameters of nginx or run users in /etc/security/limits.conf; 2. Adjust the worker_connections value of Nginx to adapt to expected traffic and ensure the overloaded configuration; 3. Increase the upper limit of system-level file descriptors fs.file-max, edit /etc/sysctl.conf and apply changes; 4. Optimize log and resource usage, and reduce unnecessary file handle usage, such as using open_l
How to enable Gzip compression to reduce file sizes?
Jul 10, 2025 am 11:35 AM
Enabling Gzip compression can effectively reduce the size of web page files and improve loading speed. 1. The Apache server needs to add configuration in the .htaccess file and ensure that the mod_deflate module is enabled; 2.Nginx needs to edit the site configuration file, set gzipon and define the compression type, minimum length and compression level; 3. After the configuration is completed, you can verify whether it takes effect through online tools or browser developer tools. Pay attention to the server module status and MIME type integrity during operation to ensure normal compression operation.
What is the stub_status module and how to enable it for monitoring?
Jul 08, 2025 am 12:30 AM
The stub_status module displays the real-time basic status information of Nginx. Specifically, it includes: 1. The number of currently active connections; 2. The total number of accepted connections, the total number of processing connections, and the total number of requests; 3. The number of connections being read, written, and waiting. To check whether it is enabled, you can check whether the --with-http_stub_status_module parameter exists through the command nginx-V. If not enabled, recompile and add the module. When enabled, you need to add location blocks to the configuration file and set access control. Finally, reload the Nginx service to access the status page through the specified path. It is recommended to use it in combination with monitoring tools, but it is only available for internal network access and cannot replace a comprehensive monitoring solution.
What does the error 'address already in use' or 'port 80 is already in use' mean?
Jul 07, 2025 am 12:09 AM
The "Addressalreadyinuse" error means that another program or service in the system has occupied the target port or IP address. Common reasons include: 1. The server is running repeatedly; 2. Other services occupy ports (such as Apache occupying port 80, causing Nginx to fail to start); 3. The port is not released after crash or restart. You can troubleshoot through the command line tool: use sudolsof-i:80 or sudolnetstat-tulpn|grep:80 in Linux/macOS; use netstat-ano|findstr:80 in Windows and check PID. Solutions include: 1. Stop the conflicting process (such as sudos
How to enable HTTP Strict Transport Security (HSTS)?
Jul 12, 2025 am 01:00 AM
The method to enable HSTS is to configure the Strict-Transport-Security response header in the HTTPS website. The specific operations are: 1.Nginx adds the add_header directive in the server block; 2.Apache adds the header directive in the configuration file or .htaccess; 3.IIS adds customHeaders in web.config; it is necessary to ensure that the site fully supports HTTPS, parameters include max-age (valid period), includeSubDomains (subdomains are effective), preload (preload list), and the prereload is the prerequisite for submitting to the HSTSPreload list.
What is Nginx Plus and what are its key features?
Jul 07, 2025 am 12:37 AM
The main difference between NginxPlus and open source Nginx is its enhanced functionality and official support for enterprise-level applications. 1. It provides real-time monitoring of the dashboard, which can track the number of connections, request rate and server health status; 2. Supports more advanced load balancing methods, such as minimum connection allocation, hash-based consistency algorithm and weighted distribution; 3. Supports session maintenance (sticky sessions) to ensure that user requests are continuously sent to the same backend server; 4. Allow dynamic configuration updates, and adjust upstream server groups without restarting the service; 5. Provides advanced cache and content distribution functions to reduce backend pressure and improve response speed; 6. Automatic configuration updates can be achieved through APIs to adapt to Kubernetes or automatic scaling environments; 7. Includes
How to perform A/B testing with the split_clients module?
Jul 08, 2025 am 12:22 AM
A/B testing can be implemented through Nginx's split_clients module, which distributes traffic proportionally to different groups based on user attribute hashing. The specific steps are as follows: 1. Use the split_clients instruction to define the grouping and proportions in the http block, such as 50%A and 50%B; 2. Use variables such as $cookie_jsessionid, $remote_addr or $arg_uid as hash keys to ensure that the same user is continuously allocated to the same group; 3. Use the corresponding backend through if conditions in the server or location block; 4. Record the grouping information through a custom log format to analyze the effect; 5. Track the performance of each group with the monitoring tool
