Example of a method for configuring user server access authentication in Nginx _nginx

Source: Internet
Author: User
Tags auth crypt

Nginx Super Powerful It can be a separate domain to set user authentication, the method is very simple we only need to generate user authentication username and password, and then nginx Add auth Authentication configuration can be.

Nginx can be a domain name for a separate user certification, the following practices:

1. Generate user authentication user name and password:

#wget-C Soft.vpser.net/lnmp/ext/htpasswd.sh;bash htpasswd.sh 

Enter according to the prompt:

Username:
Password:
file name:

The script will automatically generate the authentication file, the auth.conf content is as follows:

/usr/local/nginx/conf/auth.conf 

2. Add Auth authentication configuration for Nginx

Below a domain name below the auth directory for example, in the domain name of the server section add the following code:

Location ^~/auth/{ 
location ~ *. PHP|PHP5)? $ { 
Fastcgi_pass unix:/tmp/php-cgi.sock; 
Fastcgi_index index.php; 
Include fcgi.conf; 
} 
Auth_basic "Authorized users only"; 
Auth_basic_user_file/usr/local/nginx/conf/auth.conf 
} 

Auth_basic_user_file as the path to the htpasswd file

3. Restart Nginx

Access http://yourdomainname/auth/prompts for a username and password.

If we only want to add user authentication for the catalog the above method does not work, below I will introduce the specific directory user authentication.

Add user authentication for the directory (auth Basic).

Nginx's Auth_basic authentication uses a password file that is compatible with Apache, so we need to generate a password file via Apache htpasswd.

First find the htpasswd on your system:

Find/–name htpasswd 

General CentOS will be installed in Apache, located in:

/usr/bin/htpasswd 

If you don't find it, install it yourself:

Yum Install Apache 

and locate the htpasswd file address.

After we find the htpasswd file, we create a user, such as this user called: Xiaoquan

/usr/bin/htpasswd–c/usr/local/ngnix/conf/authdb Xiaoquan 

The above command creates a user-Xiaoquan authdb password file in the Nginx profile directory, and of course you can create it somewhere else where nginx profile is easier to use.

The above command input return will be prompted to enter a password prompts the message, enter two times, you can add success.

Then modify the Nginx configuration file and add the following in a server configuration that requires Auth_basic:

location/admin/{ 
auth_basic "Quanlei auth." 
auth_basic_user_file/usr/local/ngnix/conf/authdb; 
} 

Finally let Nginx use the latest configuration:
/usr/local/ngnix/sbin/nginx-s Reload 

To add, if you use a clustered environment, you need to add Proxy_pass:

location/admin/{ 
Proxy_pass http://cluster/mgmt/; 
Auth_basic "Quanlei auth." 
auth_basic_user_file/usr/local/ngnix/conf/authdb; 
} 

PS: Methods implemented using Perl scripts (code as follows:)

#! /usr/bin/perl-w  
#filename: add_ftp_user.pl use  
strict;  
#  
print "#example: user:passwd\n";  
while (<STDIN>) {  
  exit if ($_ =~/^\n/);  
  Chomp;  
  (My $user, my $pass) = Split/:/, $_, 2;  
  My $crypt = Crypt $pass, ' $1$ '. Gensalt (8);  
  Print "$user: $crypt \ n";  
}  
Sub Gensalt {my  
  $count = shift;  
  My @salt = ('. ', '/', 0.. 9, ' A '. ' Z ', ' a '. ' Z ');  
  my $s;  
  $s. = $salt [Rand @salt] for (1.. $count);  
  return $s;  
} 

To give executable permissions to a script:

chmod o+x add_user.pl

How to use script:

./add_user.pl
User:password

Paste the generated username password into the/usr/local/nginx/conf/vhost/nginx_passwd file

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.