You can restrict access to your website or some parts of it by implementing a username/password authentication. Usernames and passwords are taken from a file created and populated by a password file creation tool, for example, apache2-utils.
Creating a Password File
sudo htpasswd -c /etc/httpd/.htpasswd admin
or
sudo htpasswd -c /etc/nginx/.htpasswd admin
Create additional user-password pairs. Omit the -c
flag because the file already exists
Nginx configuration
server {
...
auth_basic "Administrator’s Area";
auth_basic_user_file /etc/nginx/.htpasswd;
location /public/ {
auth_basic off;
}
}
Apache/httpd basic configuration
<VirtualHost *:80>
ServerAdmin [email protected]
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory "/var/www/html">
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /etc/httpd/.htpasswd
Require valid-user
</Directory>
</VirtualHost>
Apache/httpd with proxypass
<VirtualHost *:80>
ServerAdmin [email protected]
ProxyPass / http://localhost:990/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Location />
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /etc/httpd/.htpasswd
Require valid-user
</Location>
</VirtualHost>