HTTP basic auth in nginx

From lxadm | Linux administration tips, tutorials, HOWTOs and articles
Jump to: navigation, search

To use HTTP basic auth with nginx, you have to use auth_basic and auth_basic_user_file directives.

Additionally, use "satisfy any" with "allow" directives to exempt selected IPs from HTTP basic authentication (i.e. to bypass localhost or any other IPs which should not perform HTTP basic auth).

Example below:

        location ~ ^/munin/(.*)$ {
            alias /var/cache/munin/www/$1;

            satisfy any;
            allow 127.0.0.1;
            allow 10.2.3.4;
            auth_basic            "Restricted";
            auth_basic_user_file  /etc/nginx/htpasswd/munin;
            index index.html;
        }


You can generate the entries in auth_basic_user_file with htpasswd command - it comes as a part of apache2-utils (in Debian/Ubuntu).