Toggle navigation
TechnoWikis.com
Email or Username
Password
Remember
Login
Register
|
I forgot my password
All Activity
Questions
Hot!
Pending
Ask a Question
Privacy Policy
Contact
Nginx - Additional Security
Home
Tutorials
Development
Web Servers
Nginx - Additional Security
+5
votes
101
views
Nginx - Additional Security
asked
Jun 24, 2019
in
Web Servers
by
backtothefuture
(
360k
points)
reopened
Jun 24, 2019
|
101
views
answer
Please
log in
or
register
to answer this question.
1
Answer
+3
votes
Best answer
The issue of security is very important and although we can implement several actions to ensure our services it never hurts to apply some additional security routines, one of them is to
protect by username and password some URLs
.
This type of protection is standard when we have web administrators for some sections that are high risk, such as the database administrator or the administrative area of ​​our site.
HTTP Access Control
This method consists of being able to apply an authentication process for accessing some folder or file through
HTTP
, this
helps
us to protect APIs and additional resource types, it is easy and quick to implement and everything is based on the HTTP headers.
Creating an Access Control
Creating an access control using
HTTP
is very simple, to do so we must have access to the server where our resource is located and have the corresponding permissions, then we can follow the following steps:
1- We will generate the user and the password necessary to access the resource, for this we will use the
Apache utils
library with the
htpasswd
command, this command helps us create a file where we store the user and password in a hash that we will use later, to create the file we must do the following:
What's happening here?
This will generate a user, in this case called
dipankar
but it can be any other username and then ask us to enter a password which we must remember very well in order to use this.
2- Once the file with the user and the password is done, we have to indicate to
Nginx
that he must use said file to protect the location that we have decided, this will add a new interface in the front end of the site that will protect our resources, let's see The following image shows a portion of the configuration file where we apply this:
Here we see how in the
location block
, we indicate that to access the root of the site the
auth_basic
directive must be applied and we indicate the path of the file that we have generated in
step 1
, and with that we will have our security layer established.
3- Since we have applied the corresponding configuration we only have access to our site, remember the user and the key that we have placed at the beginning when we created the file and now we will use it, let's see:
In case we do not remember our data or is an unauthorized person when authentication fails the server will send a
restricted access message 401
, with this we can effectively have a new layer of security for our site.
As we see
Nginx
allows us to add more security to protect our resources, this type of implementation that we saw is very used when we have administrators with web interfaces that we do not want to see, for example an access to
Cpanel
or
phpMyAdmin
, which are very web interfaces. delicate
answered
Jun 24, 2019
by
stackoverflow
(
2.2m
points)
edited
Jun 24, 2019
ask related question
comment
Your comment on this answer:
Your name to display (optional):
Email me at this address if a comment is added after mine:
Email me if a comment is added after mine
Privacy: Your email address will only be used for sending these notifications.
Add comment
Cancel
Related questions
+5
votes
1
answer
How to create additional profiles on Amazon Prime Video.
asked
Nov 18, 2020
in
Help
by
backtothefuture
(
360k
points)
|
59
views
+3
votes
1
answer
How to use Webmin in Ubuntu 17: Additional parameters
asked
Jun 12, 2020
in
Linux / Unix
by
backtothefuture
(
360k
points)
|
126
views
All categories
Tutorials
5.5k
Microsoft
1.4k
Android
1.3k
Security
96
Linux / Unix
423
Internet
631
Virtualization
84
Apple
501
Networks
57
Other Devices
144
Other Applications
121
Hardware
10
Development
49
HTML5 / CSS3
12
Web Servers
9
JavaScript
12
Other languages
2
PHP
8
CMS
4
Python
1
WebServers
1
Digital Marketing
47
Databases
14
Graphic Design
30
Guides
116
Linux/Unix
101
Otherapps
32
OtherApplications
7
GraphicDesign
2
OtherDevices
111
Networking
4
Manzana
57
Play Station
136
Gaming
37
Help
506
Social Networks
29
Android Tutorial
522
iPhone Tutorial
243
News
9
Social
6
Android Application
37
Phone
2
Telephone
2
Android Application
1
Most popular questions within the last 30 days
Samsung Galaxy S21, S21 Plus and S21 Ultra does not recognize USB
How to put photos to my contacts on my Samsung Galaxy S21, S21 Plus and S21 Ultra cell phone
Tricks Samsung Galaxy S21, S21 Plus and S21 Ultra
Activate wireless or reversible charging Samsung Galaxy S21, S21 Plus and S21 Ultra
Create USB Bootable Windows Server 2022
Backup Active Directory Windows Server 2022 Active Directory
Install and configure Windows Server 2022 File Server
How to Record a FaceTime Call on iPhone
Where are NPCs 43 and 44 in Fortnite - are Idyll and Cuddle King positions available?
How to deliver the love potion to Slurpy Swamp or Shanty Town in Fortnite
The Wild Hearts event is coming to Fortnite today: Cups, Battles, and help Poiscaille find a date
The best PCIe 4.0 motherboards
Install Windows 10 without Microsoft account 2021
Na'Vi vs. Vitality on CS: GO for BLAST Premier Global Final 2020 breaks spectator record
Reset Samsung Galaxy A32, A42, A52 and A72 | 5G Hard reset
Please leave a comment about whether the solution works or not (with device model)
[X]Close
6,895
questions
6,992
answers
277
comments
2
users