Share your love
Configure Nginx Password Authentication on Debian 12
This guide intends to teach you to Configure Nginx Password Authentication on Debian 12. Password Authentication is a basic security option that you can use to protect your website or app info. With this option, you can use a unique username and password for each user that they are only access to it. In this way, you are sure that you have protected your info and sites and nobody can access the info.
Now you can proceed to the following steps to configure Password Auth with Nginx Web Server on Debian 12.
Full Guide To Configure Nginx Password Authentication on Debian 12
Because we want to create password auth with Nginx on Debian 12, you must log in to your server as a non-root user with sudo privileges, and install Nginx. For this purpose, you can check the following guides:
Initial Server Setup with Debian 12 Bookworm
Install Nginx Web Server on Debian 12
When you are done, follow the steps below to complete this guide.
Step 1 – Create a Nginx Password File on Debian 12
First of all, you must have a file that stores your usernames and passwords. To do this, you can use OpenSSL or htpasswd. Now you can proceed to the following steps and choose one of these methods to create your password file.
Number 1 – Use OpenSSL to Create an Nginx Password File
In this method, you need to install OpenSSL on Debian 12. To do this, you can run:
sudo apt install openssl -y
Then, you need to add your desired user to /etc/nginx/.htpasswd directory. For example:
sudo sh -c "echo -n 'olivia:' >> /etc/nginx/.htpasswd"
Next, run the following command to create an encrypted password for your user:
sudo sh -c "openssl passwd -apr1 >> /etc/nginx/.htpasswd"
You need to set your password and verify it:
Password:
Verifying - Password:
Note: You can repeat these commands for additional users.
To list your users, you can use the following command:
cat /etc/nginx/.htpasswd
Example Output
olivia:$apr1$NgKDkpCh$ll13TEiXnavBbgEaZDhvx1
Number 2 – Use htpasswd to Create an Nginx Password File
The htpasswd is included in the apache2-utils package (Nginx password files use the same format as Apache). If you want to use this method to create your password file, you must install apache2-utils on your Debian 12:
sudo apt install apache2-utils -y
Now you have access to the htpasswd utility. Then, use the following command to add your user to the /etc/nginx/.htpasswd directory:
sudo htpasswd -c /etc/nginx/.htpasswd olivia
Set a password for the user and verify it:
New password:
Re-type new password:
Adding password for user olivia
Note: To add more users, you should use the above command without the “-c” option:
sudo htpasswd /etc/nginx/.htpasswd another_user
To list your users, you can run:
cat /etc/nginx/.htpasswd
Step 2 – Nginx Configuration for Password Auth on Debian 12
Once you are done with password file creation, you need to configure Nginx to check your password file. To do this, you need to open a server block configuration file. Here we use the default Nginx server block, open the file with your favorite text editor like Vi editor or Nano editor:
sudo vi /etc/nginx/sites-enabled/default
At this point, you must add the following directives under the default server configuration:
server {
listen 80 default_server;
. . .
auth_basic "Restricted Content";
auth_basic_user_file /etc/nginx/.htpasswd;
}
When you are done, save and close the file. Then, restart the Nginx Web Server to apply the changes:
sudo systemctl restart nginx
Note: Also, you can only restrict the document root with a location block, and you can even modify this listing to only target a specific directory within the web space:
server {
listen 80 default_server;
...
location / {
try_files $uri $uri/ =404;
auth_basic "Restricted Content";
auth_basic_user_file /etc/nginx/.htpasswd;
}
}
Step 3 – Check Password Auth with Nginx
To verify your Password auth is working and your data is protected, from your web browser type your server’s IP address:
http://your-server-ip
You should see the following screen. From there, you can enter your username and password to access your data:
That’s it, you are done.
Conclusion
At this point, you have learned to Configure Nginx Password Authentication on Debian 12 Bookworm. You can easily create a password file with OpenSSL or htpasswd, configure Nginx to check the file, and protect your data with password auth.
Hope you enjoy it. Also, you may like to read the following guides:
Secure Nginx Web Server Let’s Encrypt on Debian 12
Set up Nginx with Brotli Compression on Debian 12