How to Protect Directory with ApacheHTTP Basic Authentication on Ubuntu Linux

graphic designer 4562741 640
graphic designer 4562741 640

The post provides a tutorial on how to use the Apache2 utility package for securing directories through basic HTTP password authentication. The steps include installing Apache2 HTTP Utility, creating a password file using commands, and protecting Apache2 directories by adjusting configuration file settings. This feature enhances directory security by limiting access to authorized users only.

Unlike Nginx HTTP, Apache2 has a utility that allows web admins to provide basic authentication and authorization on web directories. For example, one can use the Apache2 utility package to restrict directory access with basic HTTP password authentication.

This brief tutorial shows students and new users how to use Apache2 utils to generate basic password authentication for Apache2 directories.

This feature can protect directories and restrict access to only authorized users. It’s a great feature and can add a layer of protection to existing directories.

To protect Apache2 directories with basic password authentication, the steps below are a great place to start:

Install Apache2 HTTP Utility

Apache2 utility package is easy to install. To install, run the commands below.

sudo apt update
sudo apt install apache2 apache2-utils

Create a .htpasswd file.

After installing Apache2 utils, run the commands below to create a user password file. The commands below prompt you to create a new password for the username specified and store the file in the defined directory. /etc/apache2/.htpasswd

sudo htpasswd -c /etc/apache2/.htpasswd myusername

Replace myusername with the username you wish to use. You can choose any directory to save the htpasswd file. However, you must specify the location when configuring Apache2.

After running the commands above, a new hidden passwd file for the username you selected will be saved in the /etc/apache2/.htpasswd file.

Below is the output of the command:

sudo htpasswd -c /etc/apache2/.htpasswd richard
New password:
Re-type new password:
Adding password for user richard

Protect Apache2 Directories

Now that the password file is created using the highlighted code block below to protect an Apache2 directory.

Apache2 default site configuration file is at /etc/apache2/sites-available/default.

Add these lines below to the directory you want to protect.

<VirtualHost *:80>
     ServerAdmin admin@example.com
     DocumentRoot /var/www/html/
     ServerName example.com
     ServerAlias www.example.com

     <Directory /var/www/html/>
        Options +FollowSymlinks
        AllowOverride All
        Require all granted
     </Directory>

     <Directory "/var/www/html/Private">
        AuthType Basic
        AuthName "Restricted Content"
        AuthUserFile /etc/apache2/.htpasswd
        Require valid-user
      </Directory>

     ErrorLog ${APACHE_LOG_DIR}/error.log
     CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>

Save the file.

Whenever you try browsing the /Private directory, you should get a basic HTTP authentication prompt to type a username and password.

To protect the entire Apache2 site, define the root location to protect:  /var/www/html

Example:

<VirtualHost *:80>
     ServerAdmin admin@example.com
     DocumentRoot /var/www/html/
     ServerName example.com
     ServerAlias www.example.com

     <Directory /var/www/html/>
        Options +FollowSymlinks
        AllowOverride All
        Require all granted
     </Directory>

     <Directory "/var/www/html">
        AuthType Basic
        AuthName "Restricted Content"
        AuthUserFile /etc/apache2/.htpasswd
        Require valid-user
      </Directory>

     ErrorLog ${APACHE_LOG_DIR}/error.log
     CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>

Save the file.

The next time you browse the domain, you will be prompted, as shown below.

nginx ubuntu htpasswd

That’s it!

You may also like the post below:

Posted by
Richard

I love computers; maybe way too much. What I learned I try to share at geekrewind.com.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.