How To Configure Apache Web Page Authentication on Ubuntu / Debian
source link: https://computingforgeeks.com/how-to-configure-apache-web-page-authentication/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
How can I secure an Apache web page with Password Authentication on Ubuntu / Debian web server?. How to use Basic Authentication to limit access to specific web pages on Apache?. After installing and configuring your Apache web server, you may want to configure password authentication for a web page. This guide will cover how to set up a password protected directory using basic authentication.
Apache web server can be installed on Ubuntu or Debian server/workstation by running the command below.
sudo apt update
sudo apt -y install apache2
Confirm that the service is started.
$ systemctl status apache2 * apache2.service - The Apache HTTP Server Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled) Drop-In: /lib/systemd/system/apache2.service.d `-apache2-systemd.conf Active: active (running) since Fri 2019-06-21 12:21:47 PDT; 32s ago Main PID: 3797 (apache2) Tasks: 55 (limit: 1110) CGroup: /system.slice/apache2.service |-3797 /usr/sbin/apache2 -k start |-3799 /usr/sbin/apache2 -k start `-3800 /usr/sbin/apache2 -k start Jun 21 12:21:47 ubuntu-01 systemd[1]: Starting The Apache HTTP Server... Jun 21 12:21:47 ubuntu-01 apachectl[3771]: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 Jun 21 12:21:47 ubuntu-01 systemd[1]: Started The Apache HTTP Server.
The following test page should be visible on the server’s IP address/hostname.
Configure Apache password protected directory using basic authentication.
After installing Apache web server, install Basic Authentication packages.
sudo apt -y install apache2-utils pwauth libapache2-mod-authnz-external
Then create Apache website configuration file under /etc/apache2/sites-available directory.
sudo tee /etc/apache2/sites-available/secure-page.conf<<EOF
<Directory /var/www/html/secured>
AuthType Basic
AuthName "Basic Authentication"
AuthUserFile /etc/apache2/.htpasswd
require valid-user
</Directory>
EOF
Add users to the Basic Authentication file.
$ sudo htpasswd -c /etc/apache2/.htpasswd webuser1 New password: Re-type new password: Adding password for user webuser1
The “-c” option is used to create a file during initial setup. To update file by adding other users, use:
$ sudo htpasswd /etc/apache2/.htpasswd webuser2 New password: Re-type new password: Adding password for user webuser2
The file with users will have:
$ cat /etc/apache2/.htpasswd webuser1:$apr1$nIxlKLgc$xGTv.J1x5wtbJqAfFPt6o1 webuser2:$apr1$F4OnyIyv$WImqRIR5BBopTMjqGXs/c1
Now enable secure website.
$ sudo a2ensite secure-page Enabling site secure-page. To activate the new configuration, you need to run: systemctl reload apache2
Create secure website directory.
sudo mkdir -p /var/www/html/secured
Add content to the directory for testing.
sudo tee /var/www/html/secured/index.html<<EOF
<html>
<body>
<div style="width: 100%; font-size: 50px; font-weight: bold; text-align: center;">
My secure web page - Using Basic Auth
</div>
</body>
</html>
EOF
Restart Apache service.
sudo systemctl restart apache2
Test access to the page.
When asked for username and password, authenticate with credentials configured earlier.
We have confirmed basic authentication to be working for accessing a secure web page. The same procedure applies to secure existing web pages on your server.
You can also check.
Secure LDAP Server with SSL/TLS on Ubuntu
Best secure Backup Application for Linux, macOS & Windows
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK