nginx and auth_basic
I am trying to get basic authentication working with nginx in Ubuntu Jaunty. In nginx.conf, I added these two lines under the server context:
server {
...
auth_basic "Restricted Access";
auth_basic_user_file /etc/nginx/.htpasswd;
...
}
Then I apt-get'ed apache2-utils to get htpasswd, which I used to create the htpasswd file:
htpasswd -d -c /etc/nginx/.htpasswd joe
When I try to access the site, the authentication dialog comes up as expected, but when I put in the username and password, it just refreshed the dialog box. It doesn't seem to like the password I am providing it. I tried running htpasswd both with and without the -d option, but still no luck. It refused to authenticate. Any ideas what I'm doing wrong?
Any help would be appreciated.
Answer
Things I would check:
- Permissions on `/etc/nginx/.htpasswd` - Can the file be read by the account running nginx? You could try, temporarily, using `chmod 644` to make sure everyone can read it. If that works, then you can sort out an appropriate combination of `chown` and `chmod` settings so that nginx and you/root can read it but other users cannot (for security).
- Ensure that `htpasswd` is generating the hash in the right form; it's usually about 13 alphanumeric characters (for example `username:wu.miGq/e3nro`). The command CAN generate MD5 hashes too which would look more like `username:$apr1$hzB2K...$b87zlCYMKufOxn9ol5QV4/` these don't work with nginx.
- Look into increasing the debug output of nginx and check the error logs for clues.