Toggle navigation
TechnoWikis.com
Email or Username
Password
Remember
Login
Register
|
I forgot my password
All Activity
Questions
Hot!
Pending
Ask a Question
Privacy Policy
Contact
Nginx - Additional Security
Home
Tutorials
Development
Web Servers
Nginx - Additional Security
(adsbygoogle = window.adsbygoogle || []).push({});
+5
votes
214
views
Nginx - Additional Security
asked
Jun 24, 2019
in
Web Servers
by
backtothefuture
(
552k
points)
reopened
Jun 24, 2019
|
214
views
answer
Your answer
Your name to display (optional):
Email me at this address if my answer is selected or commented on:
Email me if my answer is selected or commented on
Privacy: Your email address will only be used for sending these notifications.
Add answer
Cancel
1
Answer
+3
votes
Best answer
The issue of security is very important and although we can implement several actions to ensure our services it never hurts to apply some additional security routines, one of them is to
protect by username and password some URLs
.
This type of protection is standard when we have web administrators for some sections that are high risk, such as the database administrator or the administrative area of ​​our site.
HTTP Access Control
This method consists of being able to apply an authentication process for accessing some folder or file through
HTTP
, this
helps
us to protect APIs and additional resource types, it is easy and quick to implement and everything is based on the HTTP headers.
Creating an Access Control
Creating an access control using
HTTP
is very simple, to do so we must have access to the server where our resource is located and have the corresponding permissions, then we can follow the following steps:
1- We will generate the user and the password necessary to access the resource, for this we will use the
Apache utils
library with the
htpasswd
command, this command helps us create a file where we store the user and password in a hash that we will use later, to create the file we must do the following:
What's happening here?
This will generate a user, in this case called
dipankar
but it can be any other username and then ask us to enter a password which we must remember very well in order to use this.
2- Once the file with the user and the password is done, we have to indicate to
Nginx
that he must use said file to protect the location that we have decided, this will add a new interface in the front end of the site that will protect our resources, let's see The following image shows a portion of the configuration file where we apply this:
Here we see how in the
location block
, we indicate that to access the root of the site the
auth_basic
directive must be applied and we indicate the path of the file that we have generated in
step 1
, and with that we will have our security layer established.
3- Since we have applied the corresponding configuration we only have access to our site, remember the user and the key that we have placed at the beginning when we created the file and now we will use it, let's see:
In case we do not remember our data or is an unauthorized person when authentication fails the server will send a
restricted access message 401
, with this we can effectively have a new layer of security for our site.
As we see
Nginx
allows us to add more security to protect our resources, this type of implementation that we saw is very used when we have administrators with web interfaces that we do not want to see, for example an access to
Cpanel
or
phpMyAdmin
, which are very web interfaces. delicate
answered
Jun 24, 2019
by
stackoverflow
(
3.5m
points)
edited
Jun 24, 2019
ask related question
comment
Your comment on this answer:
Your name to display (optional):
Email me at this address if a comment is added after mine:
Email me if a comment is added after mine
Privacy: Your email address will only be used for sending these notifications.
Add comment
Cancel
Related questions
+5
votes
1
answer
How to create additional profiles on Amazon Prime Video.
asked
Nov 18, 2020
in
Help
by
backtothefuture
(
552k
points)
|
211
views
+3
votes
1
answer
How to use Webmin in Ubuntu 17: Additional parameters
asked
Jun 12, 2020
in
Linux / Unix
by
backtothefuture
(
552k
points)
|
288
views
Sponsored articles cost $40 per post. You can contact us via
Feedback
All categories
Tutorials
7.5k
Microsoft
1.9k
Android
1.4k
Security
120
Linux / Unix
543
Internet
757
Virtualization
104
Apple
611
Networks
64
Other Devices
321
Other Applications
184
Hardware
19
Development
53
HTML5 / CSS3
12
Web Servers
9
JavaScript
12
Other languages
2
PHP
8
CMS
4
Python
5
WebServers
1
Digital Marketing
47
Databases
14
Graphic Design
30
Guides
794
GraphicDesign
54
Networking
4
PlayStation
186
Gaming
55
Linux/Unix
85
Manzana
33
Otherdevices
38
Otherapps
49
Digitalmarketing
39
Safety
1
Developing
2
Help
685
Social Networks
34
Android Tutorial
549
iPhone Tutorial
267
News
17
Social
6
Phone
11
Telephone
9
Applications
167
Smartphones
3
Cell Phones
11
Applications
25
Travels
6
Photo
21
Education
18
Games
25
Internet
14
Music
8
Technique
10
Video
6
Windows
5
Apple
2
Cell Phones
3
TikTok
216
Trips
2
House
1
Operating System
5
Tips & Tricks
892
Solutions
6
Tutorials
3
FAQ
1
Applications
5
Cell Phones
2
Tutorials
4
Computers
6
Tutoriales
2
8
Technology
2
In Computers
1
In Applications
2
Tutorials Tutorials
9
Applications Applications
25
Aplicaciones Applications
4
Devices Devices
5
Tutoriales Tutorials
1
Tutorials u00a0 Tutorials
2
Applications u00a0 Applications
2
Devices u00a0 Devices
1
OS OS
1
Etc Etc
2
Most popular questions within the last 30 days
Please leave a comment about whether the solution works or not (with device model)
[X]Close
10,659
questions
10,791
answers
510
comments
3
users