Enabling basic authentication via Nginx

You can use Cloud 66 CustomConfig to protect your application or parts of it with a username and password based on HTTP basic authentication. Follow the instructions below to accomplish this:

  1. We’ll use htpasswd to create your password file - it encrypts it the password with MD5. Install it as follows:
sudo apt-get install apache2-utils -y
  1. Once that is installed, we’re ready to create a password file. We recommend that you create this file within your repository, which will be deployed to your servers. This command will prompt you to input a password:
sudo htpasswd -c <directory>.htpasswd <user_name>
  1. Now we can customize our Nginx configuration. To do this add the following code within the server section(s) of your Nginx configuration:
    auth_basic "Restricted";
    	auth_basic_user_file /current/.htpasswd;

Where you put it will depend on which Rack server you are running, and whether or not you are using HTTPS traffic:

For Passenger servers

If you’re using Passenger (Cloud 66’s default server) then you need to find all the blocks that start with location @passenger and add the code to those blocks.

Other Rack servers

If you’re using another flavour of Rack server (like Puma), find the block that begins location / and contains the proxy_set_header directive.

Once you have the code in the correct block, it will read your password file from your repository directory on the server. Once you save the configuration, it will apply immediately on your server.

For more details please read our Nginx CustomConfig documentation.