1. Install tool
sudo apt-get install apache2-utils # (Debian, Ubuntu)
sudo yum install -y httpd-tools # (RHEL/CentOS/Oracle Linux)
2. Create password
sudo htpasswd /etc/nginx/.htpasswd user1 # Then type password at the prompt
Note: use -c to create the .htpasswd file from scratch; if the file already exists, -c overwrites it.
3. Nginx configuration
Inside a location that you are going to protect
location /admin {
    auth_basic "Basic Auth"; # realm text, shown in the browser's user/password dialog
    auth_basic_user_file /etc/nginx/.htpasswd; # file that stores the users and their passwords
    #...
}
Limit access to the whole website except some areas
server {
    #...
    auth_basic "Basic Auth";
    auth_basic_user_file /etc/nginx/.htpasswd;
    location /public/ {
        auth_basic off;
    }
}
4. Reload nginx
sudo service nginx reload
Use IP Address for Access Restriction
location /api {
    #...
    deny 192.168.1.2;
    allow 192.168.1.1/24;
    allow 127.0.0.1;
    deny all;
}
Combine Basic authentication and IP Address
location /api {
    #...
    satisfy all;
    deny 192.168.1.2;
    allow 192.168.1.1/24;
    allow 127.0.0.1;
    deny all;
    auth_basic "Administrator's Area";
    auth_basic_user_file conf/htpasswd;
}
- satisfy
  - all: access is granted if a client satisfies both conditions
  - any: access is granted if a client satisfies at least one condition
Ref source: Nginx doc
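
As an added example (not from the original page or the Nginx documentation), this Python sketch models how the allow/deny rules of the /api block are evaluated, where the first matching rule decides, and how satisfy all / any combines that verdict with the Basic auth result. It assumes the rule list ends in a catch-all such as deny all; the function names and sample client addresses are constructed for illustration, and shadowed_rules is a hypothetical lint helper.

```python
import ipaddress

# Rules from the page's `location /api` block, in file order.
PAGE_RULES = [
    ("deny", "192.168.1.2"),
    ("allow", "192.168.1.1/24"),
    ("allow", "127.0.0.1"),
    ("deny", "all"),
]

def _net(target):
    # strict=False accepts host bits in the prefix, e.g. 192.168.1.1/24
    return ipaddress.ip_network(target, strict=False)

def ip_allowed(client_ip, rules=PAGE_RULES):
    """Return the verdict of the first rule that matches client_ip."""
    addr = ipaddress.ip_address(client_ip)
    for action, target in rules:
        if target == "all" or addr in _net(target):
            return action == "allow"
    raise ValueError("no rule matched; this model expects a final catch-all")

def access_granted(client_ip, auth_ok, satisfy="all", rules=PAGE_RULES):
    """Combine the IP verdict with the Basic auth result per `satisfy`."""
    if satisfy not in ("all", "any"):
        raise ValueError("satisfy must be 'all' or 'any'")
    ip_ok = ip_allowed(client_ip, rules)
    return (ip_ok and auth_ok) if satisfy == "all" else (ip_ok or auth_ok)

def shadowed_rules(rules):
    """List rules that can never fire because an earlier rule covers them."""
    dead = []
    for i, (action, target) in enumerate(rules):
        for _, earlier in rules[:i]:
            if earlier == "all" or (
                target != "all" and _net(target).subnet_of(_net(earlier))
            ):
                dead.append((action, target))
                break
    return dead

if __name__ == "__main__":
    # Constructed sample clients, not taken from real logs.
    for ip in ("192.168.1.2", "192.168.1.50", "127.0.0.1", "203.0.113.9"):
        print(ip, access_granted(ip, True, "all"), access_granted(ip, False, "any"))
    swapped = [PAGE_RULES[1], PAGE_RULES[0]] + PAGE_RULES[2:]
    print("shadowed after swap:", shadowed_rules(swapped))
```

Running shadowed_rules on a rule list before reloading nginx flags an ordering mistake such as placing deny 192.168.1.2 after the /24 allow, where it would never take effect.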