Want more timely Centmin Mod News Updates?
Become a Member

Nginx How to properly password protect a directory or file?

Discussion in 'Centmin Mod Insights' started by RoldanLT, Jun 25, 2014.

Tags:
  1. RoldanLT

    RoldanLT Well-Known Member

    3,930
    960
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,311
    Local Time:
    1:20 AM
    1.11
    10.2
    Like for example, I want to password protect /install/ directory and /admin.php.
    What command should I execute?
    Thanks
     
  2. eva2000

    eva2000 Administrator Staff Member

    30,546
    6,849
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,262
    Local Time:
    3:20 AM
    Nginx 1.13.x
    MariaDB 5.5
    Update FAQ item 13 outlines how to password protect directories and files.


    Same as outlined at Nginx and vBulletin Connect 5 Vhost and PHP-FPM - PHP Warning: require(): Unable to allocate memory for pool. Also official documentation Module ngx_http_auth_basic_module

    Use htpasswd.py script at /usr/local/nginx/conf/htpasswd.py to setup username and password using following command:

    Code:
    python /usr/local/nginx/conf/htpasswd.py -b /usr/local/nginx/conf/htpasswd yourusername yourpassword
    change /usr/local/nginx/conf/htpasswd filename and path for your unique filename and yourusername and yourpassword to unique values of your own

    or use the htpasswd.sh script i wrote in post 28 in this thread

    Code:
    wget -O /usr/local/nginx/conf/htpasswd.sh https://gist.githubusercontent.com/centminmod/3068afbed67d5fe5e2dd/raw
    chmod +x /usr/local/nginx/conf/htpasswd.sh
    Code:
    /usr/local/nginx/conf/htpasswd.sh
    
    /usr/local/nginx/conf/htpasswd.sh {create|append} /usr/local/nginx/conf/htpasswd user1 pass1
     
    Last edited: Oct 29, 2014
    • Informative Informative x 1
  3. RoldanLT

    RoldanLT Well-Known Member

    3,930
    960
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,311
    Local Time:
    1:20 AM
    1.11
    10.2
    I can run that command anywhere?
     
  4. RoldanLT

    RoldanLT Well-Known Member

    3,930
    960
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,311
    Local Time:
    1:20 AM
    1.11
    10.2
    So I can't create a separate username/password for admin.php and /install?
     
  5. RoldanLT

    RoldanLT Well-Known Member

    3,930
    960
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,311
    Local Time:
    1:20 AM
    1.11
    10.2
    If I understand correctly, If I want another set of account, all I have to do is change/create new passwd file?
    Like:
    Code:
     python /usr/local/nginx/conf/htpasswd.py -c -b /usr/local/nginx/conf/htpasswd2 username password
     
  6. eva2000

    eva2000 Administrator Staff Member

    30,546
    6,849
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,262
    Local Time:
    3:20 AM
    Nginx 1.13.x
    MariaDB 5.5
    yeah can run the command anywhere and if you want separate user/pass files need to have different filenames from /usr/local/nginx/conf/htpasswd

    i.e.

    /usr/local/nginx/conf/htpasswd_install
    /usr/local/nginx/conf/htpasswd_admin
     
    • Like Like x 1
  7. RoldanLT

    RoldanLT Well-Known Member

    3,930
    960
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,311
    Local Time:
    1:20 AM
    1.11
    10.2
    I understand the concept now :)
    Thanks a lot!
    This is a problem when I have 3 other admins and both of us don't have static IP.
     
  8. RoldanLT

    RoldanLT Well-Known Member

    3,930
    960
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,311
    Local Time:
    1:20 AM
    1.11
    10.2
    This code doesn't work:
    Code:
    location /admin.php {
         auth_basic "Private";
        auth_basic_user_file /usr/local/nginx/conf/htpasswd_admin_php;
            }
    
    Why?
     
  9. eva2000

    eva2000 Administrator Staff Member

    30,546
    6,849
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,262
    Local Time:
    3:20 AM
    Nginx 1.13.x
    MariaDB 5.5
    Code:
      location ~ ^/(admin.php) {
         include /usr/local/nginx/conf/php.conf;
         auth_basic "Private";
         auth_basic_user_file /usr/local/nginx/conf/htpasswd_admin_php;
            }
    
     
  10. RoldanLT

    RoldanLT Well-Known Member

    3,930
    960
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,311
    Local Time:
    1:20 AM
    1.11
    10.2
    It works, Thanks a lot!
    Wonder why /admin.php didn't work?
     
  11. eva2000

    eva2000 Administrator Staff Member

    30,546
    6,849
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,262
    Local Time:
    3:20 AM
    Nginx 1.13.x
    MariaDB 5.5
    because locations usually match directories not files with the way you had it before
     
    • Like Like x 1
  12. RoldanLT

    RoldanLT Well-Known Member

    3,930
    960
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,311
    Local Time:
    1:20 AM
    1.11
    10.2
    Wait I have set a password with number+letters like: 12345pass
    If I enter a password that just 12345 it accepts, why?
    Should be wrong password.
     
  13. eva2000

    eva2000 Administrator Staff Member

    30,546
    6,849
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,262
    Local Time:
    3:20 AM
    Nginx 1.13.x
    MariaDB 5.5
    No idea, that shouldn't really happen .. try it in private browser session with no session cookies etc
     
  14. RoldanLT

    RoldanLT Well-Known Member

    3,930
    960
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,311
    Local Time:
    1:20 AM
    1.11
    10.2
    Yes I already tried on other browser with zero data.
     
  15. RoldanLT

    RoldanLT Well-Known Member

    3,930
    960
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,311
    Local Time:
    1:20 AM
    1.11
    10.2
    Trying to change my password then.
     
  16. RoldanLT

    RoldanLT Well-Known Member

    3,930
    960
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,311
    Local Time:
    1:20 AM
    1.11
    10.2
    I already tried changing the password, still encountering the issue.
    I tried to use a password: thisdirprotected
    When I just input a password like thisdirprotecte (missing last letter d) still accepted :(
     
  17. eva2000

    eva2000 Administrator Staff Member

    30,546
    6,849
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,262
    Local Time:
    3:20 AM
    Nginx 1.13.x
    MariaDB 5.5
    I tried with the htpasswd as well as htpasswd_admin_php file both do not accept incomplete missing characters for usernames but do for passwords !

    Code:
      location ~ ^/(admin.php) {
         include /usr/local/nginx/conf/php.conf;
         auth_basic "Private";
         auth_basic_user_file /usr/local/nginx/conf/htpasswd;
            }
    Code:
      location ~ ^/(admin.php) {
         include /usr/local/nginx/conf/php.conf;
         auth_basic "Private";
         auth_basic_user_file /usr/local/nginx/conf/htpasswd_admin_php;
            }
     
  18. RoldanLT

    RoldanLT Well-Known Member

    3,930
    960
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,311
    Local Time:
    1:20 AM
    1.11
    10.2
    The only difference i got is I include staticfiles.conf.
     
  19. eva2000

    eva2000 Administrator Staff Member

    30,546
    6,849
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,262
    Local Time:
    3:20 AM
    Nginx 1.13.x
    MariaDB 5.5
  20. RoldanLT

    RoldanLT Well-Known Member

    3,930
    960
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,311
    Local Time:
    1:20 AM
    1.11
    10.2
    Wait, I don't have problems on /admin.php
    But on /install/, here's my code:
    Code:
    location /install/ {
        index index.php index.html index.htm;
        include /usr/local/nginx/conf/staticfiles.conf;
        include /usr/local/nginx/conf/php.conf;
        auth_basic "Private";
        auth_basic_user_file /usr/local/nginx/conf/htpasswd_install;
            }