generaldreamfactory

Password-protect access to an application with NGINX

To configure NGINX to request a username and password when accessing your application, follow these steps:

  • At the console, type the following commands. Remember to replace APPNAME, USERNAME and PASSWORD with your application name, desired username and desired password respectively.

    $ sudo apt-get update
    $ sudo apt-get install apache2-utils
    $ cd /opt/bitnami/APPNAME/conf/
    $ sudo htpasswd -cb users USERNAME PASSWORD
    
  • Edit the /opt/bitnami/apps/APPNAME/conf/nginx-app.conf file and update the default location block as shown below:

    location ~ \.php$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_read_timeout 300;
        fastcgi_pass unix:/opt/bitnami/php/var/run/www.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $request_filename;
        include fastcgi_params;
        auth_basic "Restricted Area";
        auth_basic_user_file /opt/bitnami/APPNAME/conf/users;
    }
    

    NOTE: If you don’t wish to protect the entire application, but only a sub-URL, create a new location block as shown above only for the sub-URL you wish to protect.

  • Restart the NGINX server:

    $ sudo /opt/bitnami/ctlscript.sh restart nginx
    

When accessing the application, you will see an authentication popup window. Enter the username and password defined in the first step:

To change the password later, run the htpasswd utility without the -c switch:

$ sudo htpasswd /opt/bitnami/users USERNAME