How to config nginx to password-protect directories?

new2vps · June 2, 2023, 11:53am

I installed hestiaCP with Web Server = nginx and Backend Server = php-fpm.

I’m learning that, unlike apache, nginx does not support simply placing a .htaccess file into a directory in order to protect it.

This web page indicates where the equivalent information – that a certain directory requires a pssword and where the passwords file is located – needs to be placed in an nginx config file (after “Server {” and " listen 80;"…)

But I do not know how/where to apply/insert that information to a hestiaCP nginx config file (nor can I even find evidence that anyone has ever done it!).

digging through directories/files, the closest I’ve found is /home/myusername/conf/web/mydomain.com/nginx.conf but that tells me

Default Web Domain Template

DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS

https://hestiacp.com/docs/server-administration/web-templates.html

eris · June 2, 2023, 12:50pm

Works fine for the domain

new2vps · June 2, 2023, 10:54pm

A link to a solution (or else telling me that it simply cannot[!??!] be done under hestia/nginx), rather than a link to a long list of (mostly?) impertinent commands, could help my inquiry to become solved.

Your reply does not help me: I still do not know how/where to apply/insert information to a nginx config file (under hestiaCP) in order to password-protect SPECIFIC DIRECTORIES within a (sub)domain.

jlguerrero · June 3, 2023, 7:24am

Visit the link and look for nginx templates. That is what you need

Raphael · June 3, 2023, 7:25am

new2vps · June 3, 2023, 7:46am

I think I have it working now: Here’s what I did – IMHO this is what people need, and what this forum needs if hestiaCP is ever to become seriously popular – in case anyone else ever faces the same issue::

I went to /usr/local/hestia/data/templates/web/nginx/php-fpm
copied default.tpl and default.stpl to pw-prot-my-dirs.tpl and .stpl
edited them. there are a series of 4 lines that begin with “location” and end with “}”. Among them, insert the following one (to protect the “private” directory with a challenge that refers to “The Back Room” – or at least under apache it would have; here it just says that the site is asking me to sign in) for each directory you want to protect::

location /private {
auth_basic “The Back Room”;
auth_basic_user_file /home/userid/web/mydomain.com/.htpasswd;
}
I logged into hestiaCP as admin, clicked on the gear (upper right), selected nginx and php81.-fpm, “Apply to selected”, restart
in hestiaCP, go to userid’s web domain and Edit Web Domain, Advanced, Web Template NGINX → pw-prot-my-dirs, Save
per Web Templates and FastCGI/Proxy Cache | Hestia Control Panel I did v-rebuild-user userid yes
then I placed my .htpasswd file in /home/userid/web/mydomain.com/
if necessary, chown userid:userid .htpasswd

After a few tries (shift+reload?), it began working more or less as expected.

system · July 3, 2023, 7:47am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.