FAQ

Page Discussion History

Difference between revisions of "HttpAuthBasicModule"

(auth_basic_user_file)
(6 intermediate revisions by 4 users not shown)
Line 1: Line 1:
 
<!-- page was renamed from NginxDocsEnglishDraftHttpAuthBasicModule
 
<!-- page was renamed from NginxDocsEnglishDraftHttpAuthBasicModule
 
-->
 
-->
 +
 +
<span style="color:red">WARNING: this article is obsoleted. Please refer to http://nginx.org/en/docs/ for the latest official documentation.</span>
 +
 
= Synopsis =
 
= Synopsis =
 
You can use this module to protect your site or parts of it with username and password based on HTTP Basic Authentication.
 
You can use this module to protect your site or parts of it with username and password based on HTTP Basic Authentication.
Line 15: Line 18:
  
 
== auth_basic ==
 
== auth_basic ==
 
+
<include wikitext nopre src="http://wiki.nginx.org/nginx.org/http/ngx_http_auth_basic_module/auth_basic.txt" />
{{Directive|name=auth_basic|args=realm {{!}} off|default=off|context=http, server, location, limit_except|phase=access|vars=no}}
+
  
 
This directive includes testing name and password with HTTP Basic Authentication.
 
This directive includes testing name and password with HTTP Basic Authentication.
Line 24: Line 26:
  
 
== auth_basic_user_file ==
 
== auth_basic_user_file ==
 
+
<include wikitext nopre src="http://wiki.nginx.org/nginx.org/http/ngx_http_auth_basic_module/auth_basic_user_file.txt" />
{{Directive|name=auth_basic_user_file|args=file|default=none|context=http, server, location, limit_except|phase=access|vars=no}}
+
  
 
This directive sets the htpasswd filename for the authentication realm. Since version 0.6.7 the filename path is relative to directory of nginx configuration file nginx.conf, but not to nginx prefix directory.
 
This directive sets the htpasswd filename for the authentication realm. Since version 0.6.7 the filename path is relative to directory of nginx configuration file nginx.conf, but not to nginx prefix directory.
Line 38: Line 39:
 
Passwords must be encoded by function crypt(3). If Apache is installed, you can create the password file using the htpasswd program included. Note: Apache uses MD5 for encryption.
 
Passwords must be encoded by function crypt(3). If Apache is installed, you can create the password file using the htpasswd program included. Note: Apache uses MD5 for encryption.
  
Since version 1.0.3 nginx supports "$apr1", "{PLAIN}" and "{SSHA}" password encryption methods.
+
As of version 1.0.3 nginx supports "$apr1", "{PLAIN}" and "{SSHA}" password encryption methods.
 +
 
 +
As of version 1.3.13 nginx supports "{SHA}" encryption as well. Plain SHA1 encryption should be considered for migration purposes only and should whenever possible be avoided for security reasons. 
  
 
This file should be readable by workers, running from unprivileged [[CoreModule#user|user]]. E. g. when nginx run from ''www'' you can set permissions as
 
This file should be readable by workers, running from unprivileged [[CoreModule#user|user]]. E. g. when nginx run from ''www'' you can set permissions as
Line 46: Line 49:
 
</pre>
 
</pre>
  
See also: [[Faq#How_do_I_generate_an_htpasswd_file_without_having_Apache_tools_installed.3F|How do I generate an htpasswd file without having Apache tools installed?]]
+
See also: [[Faq#How_do_I_generate_an_.htpasswd_file_without_having_Apache_tools_installed.3F|How do I generate an htpasswd file without having Apache tools installed?]]
  
 
= References =
 
= References =
[http://sysoev.ru/nginx/docs/http/ngx_http_auth_basic_module.html Original Documentation]
+
[http://nginx.org/en/docs/http/ngx_http_auth_basic_module.html Original Documentation]
  
 
[http://kbeezie.com/view/protecting-folders-with-nginx/ Protecting Folders with Auth_Basic]
 
[http://kbeezie.com/view/protecting-folders-with-nginx/ Protecting Folders with Auth_Basic]

Revision as of 21:30, 22 August 2013


WARNING: this article is obsoleted. Please refer to http://nginx.org/en/docs/ for the latest official documentation.

Contents

Synopsis

You can use this module to protect your site or parts of it with username and password based on HTTP Basic Authentication.

Example configuration

location  /  {
  auth_basic            "Restricted";
  auth_basic_user_file  htpasswd;
}

Directives

auth_basic

Syntax: auth_basic string | off
Default: off
Context: http
server
location
limit_except
Reference:auth_basic


This directive includes testing name and password with HTTP Basic Authentication. The assigned parameter is used as authentication realm. A value of "off" makes it possible to override the action for the inheritable from a lower-level directive.


auth_basic_user_file

Syntax: auth_basic_user_file file
Default:
Context: http
server
location
limit_except
Reference:auth_basic_user_file


This directive sets the htpasswd filename for the authentication realm. Since version 0.6.7 the filename path is relative to directory of nginx configuration file nginx.conf, but not to nginx prefix directory.

The format of file is the following:

user:pass
user2:pass2:comment
user3:pass3

Passwords must be encoded by function crypt(3). If Apache is installed, you can create the password file using the htpasswd program included. Note: Apache uses MD5 for encryption.

As of version 1.0.3 nginx supports "$apr1", "{PLAIN}" and "{SSHA}" password encryption methods.

As of version 1.3.13 nginx supports "{SHA}" encryption as well. Plain SHA1 encryption should be considered for migration purposes only and should whenever possible be avoided for security reasons.

This file should be readable by workers, running from unprivileged user. E. g. when nginx run from www you can set permissions as

chown root:nobody htpasswd_file
chmod 640 htpasswd_file

See also: How do I generate an htpasswd file without having Apache tools installed?

References

Original Documentation

Protecting Folders with Auth_Basic