From looking at tutorials such as this it seems relatively easy to set up .htpasswd authentication.
Here's my HTTPS block which is how I'm accessing my site:
server {
listen 443;
server_name potato;
root /var/www/html;
ssl on;
ssl_certificate /srv/ssl/cert.pem;
ssl_certificate_key /srv/ssl/key.pem;
location / {
auth_basic "Restricted Content";
auth_basic_user_file /usr/local/nginx/.htpasswd;
}
}
I've gathered from here the following snippet to create the .htpasswd file:
USERNAME=admin
PASSWORD=password
sudo printf "$USERNAME:$(openssl passwd -crypt $PASSWORD)\n" >> .htpasswd
This initially failed with a permission denied error, which I resolved by first creating an empty .htpasswd then granting myself permission via sudo chown max:max .htpasswd
.
When I visit the website, I do see the Auth prompt, but I get a 403 error even I type in the correct password.
I have been fiddling with this for a while and am continuing to dig through google searches. But I'd appreciate any tips toward a likely source. It'd also be great if someone could show me a dependable way to diagnose the cause of the Auth failure.
In my access.log file I have entries like this:
73.170.238.232 - admin [05/Sep/2016:12:03:34 -0700] "GET /musicker/dist/ HTTP/1.1" 403 571 "-" "Mozilla/5.0 (X11; CrOS x86_64 8350.68.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
but I don't see much useful information in there. You can see I'm trying to access the website at /musicker/dist/
, and in Nginx my location /
block is catching this and adding auth_basic.
Thankfully I figured this out not long after the posting the question, but I think the following information would be available to others looking to solve similar problems:
The relevant logs are not in access.log
, but rather in error.log
.
Running this showed me that the .htaccess
file was not in the expected location. Then I moved it to the correct location and was able to authenticate OK.
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments