/
Pack Hosting Panel

Basic authentication

What is Basic authentication and how to configure this at Hipex?


What is basic authentication

If you own a staging and/or test environment, you do not want this to be accessible by everyone. You want to prevent a loose user ending up in your staging/test environment submitting an order.

Basic authentication is a simple authentication method based on the HTTP protocol. The user is asked to fill out a username and password which, including an authentication header, will be transmitted to the server in base64 encoding.

In this article we explain how to protect a Hipex environment using basic authentication.

How to setup basic authentication

We assume you are already familiar with the [described here] (nginx-basics # the-folder-structure) location and folder structure of the Nginx configurations. Log in to the environment you want to enable basic authentication for.

Generating an authentication file

With basic authentication, the credentials are stored in a so-called htpassword file. We will use the location of the Nginx configurations located in, /home/<username>/domains/<domainname>/var/etc/

The credentials, consisting of username and password, are generated with the command htpasswd. In the example below a file with the name passwd and username hipex is generated.

htpasswd -c passwd hipex

The intended password is requested automatically.

Configure basic authentication

Once the authentication file including the crendentials is created, we activate Basic Authentication using the Nginx configuration.

Create a Nginx configuration file (for example basicauth.nginx.conf) at location /home/<username>/domains/<domain>/var/etc/.

In this file the configuration below is added:

satisfy any;    
allow 127.0.0.1;
allow 1.2.3.4; # Our IP-address may have access.
allow another_ip_address; # Extra IP-addresses can be added below.

deny  all; 

auth_basic           "Administrator's Area";
auth_basic_user_file /var/domains/<username>-<domain>/var/etc/passwd;

(Beware aware! The path starts with /var/domains/ not with /home/<user>//!)

  • auth_basic = 'the message' which is shown to the user in a popup.
  • auth_basic_user_file = Het path to the just created authentication file.

After adjusting the basic authentication the nginx configuration needs to be reoladed using the nginx-reloadcommand.

Testing basic authentication

Test the basic authentication after adjusting by visiting the url in a browser If the basic authentication is correctly adjusted, a popup appears to fill out your credentials: popup