This article explains how to set up Apache basic authentication to protect directories in Ubuntu 24.04.
Apache Basic Authentication is a method used to restrict access to web resources on an Apache server by requiring users to provide a username and password.
Setting up Basic Authentication is straightforward and requires minimal configuration in the Apache server. Username and password are sent with plain text on Basic Authentication, so you want to set up SSL/TLS before transmitting credentials.
This is because HTTPS encrypts the data exchanged between the user’s browser and the server, adding a significant layer of security.
Protect directories with Apache basic authentication
With Apache installed, run the command below to install Apache utilities.
sudo apt install apache2-utils
After installing the utilities, continue below to protect a directory with a username and password.
For this post, we’ll protect /var/www/html/sensitive-doc with a password. Anyone who wants to access this directory must type a username and password.
To do that, first, create an Apache virtual host file for this configuration. Run the command below to create a file called basic-auth.conf.
sudo nano /etc/apache2/sites-available/auth-basic.conf
Next, please copy and paste the content below into the file and save it.
<Directory /var/www/html/sensitive-doc>
AuthType Basic
AuthName "Basic Authentication"
AuthUserFile /etc/apache2/.htpasswd
require valid-user
</Directory>
Create accounts
After setting up the config above, use the command below to create an account to log on to the directory.
sudo htpasswd -Bc /etc/apache2/.htpasswd username
Replace username with the actual username you want to use.
When prompted, type and confirm a new password for the account.
Create the protected directory
Create the protected directory using the command below.
sudo mkdir /var/www/html/sensitive-doc
Once created, enable the Apache virtual host and reload its services by running the commands below.
sudo a2ensite auth-basic.conf
sudo systemctl reload apache2
Next, run the command below and add a basic HTML ‘index.html‘ file.
sudo nano /var/www/html/sensitive-doc/index.html
Copy and paste the lines below into the file and save.
<html>
<title>My basic authentication HTML page</title>
<body>
<p style="width: 100%; font-weight: bold; font-size: 60px; text-align: center;">
Basic authentication is enabled!
</p>
</body>
</html>
Save the file and exit.
Test Apache basic authentication
Finally, open your browser and browse to the protected directory.
http://example.com/sensitive-doc/
You will see a prompt to enter a username and password.
You must enter the correct username and password to sign in.
That should do it!
Conclusion:
Setting up Apache Basic Authentication on Ubuntu 24.04 is an effective way to secure sensitive directories. You’ve taken significant measures to protect your web resources by following the steps above. Here’s a quick summary:
- Enhanced Security: Basic Authentication adds a layer of protection by requiring users to authenticate with a username and password.
- SSL/TLS Implementation: Remember to set up SSL/TLS to encrypt the data exchanged, ensuring that credentials are not sent in plain text.
- Directory Protection: You can easily protect any directory by creating a virtual host configuration and an account for access.
- Test Access: Verify your setup by accessing the protected directory and ensuring the authentication prompts function as intended.
- Ongoing Management: Maintain your credentials and manage user access as needed for optimal security.
With these measures, you can confidently secure your web applications and sensitive data.
Leave a Reply Cancel reply