What is Basic authentication and how to configure this at Hipex?
If you own a staging and/or test environment, you do not want this to be accessible by everyone. You want to prevent a loose user ending up in your staging/test environment submitting an order.
Basic authentication is a simple authentication method based on the HTTP protocol. The user is asked to fill out a username and password which, including an authentication header, will be transmitted to the server in base64 encoding.
In this article we explain how to protect a Hipex environment using basic authentication.
We assume you are already familiar with the [described here] (nginx-basics # the-folder-structure) location and folder structure of the Nginx configurations. Log in to the environment you want to enable basic authentication for.
With basic authentication, the credentials are stored in a so-called htpassword file.
We will use the location of the Nginx configurations located in,
The credentials, consisting of username and password, are generated with the command
In the example below a file with the name passwd and username hipex is generated.
htpasswd -c passwd hipex
The intended password is requested automatically.
Once the authentication file including the crendentials is created, we activate Basic Authentication using the Nginx configuration.
Create a Nginx configuration file (for example
basicauth.nginx.conf) at location
In this file the configuration below is added:
satisfy any; allow 127.0.0.1; allow 220.127.116.11; # Our IP-address may have access. allow another_ip_address; # Extra IP-addresses can be added below. deny all; auth_basic "Administrator's Area"; auth_basic_user_file /var/domains/<username>-<domain>/var/etc/passwd;
- auth_basic = 'the message' which is shown to the user in a popup.
- auth_basic_user_file = Het path to the just created authentication file.
After adjusting the basic authentication the nginx configuration needs to be reoladed using the
Test the basic authentication after adjusting by visiting the url in a browser If the basic authentication is correctly adjusted, a popup appears to fill out your credentials: