How to configure basic authentication in Apache Web Server

Apache Web Server is a huge application with some useful features like SSL configuration, website authentication and so on. This article explains how to configure basic authentication in Apache Web Server. The first thing that comes to mind is what authentication is and why we need it. Let me explain what authentication is. Authentication is nothing more than a process that requires you to identify yourself in order to access something.

Let’s take a simple example: Suppose you want to access your Gmail account or another email account. To do this, you need to enter your email ID and password so that only you can access your emails. This means that you have released your personal data (name, address, mobile phone number, etc.) to Google for the generation of this email ID and password. Only through the authentication process are we able to securely store our valuable and confidential data in web directories. Nowadays, all important work is only secure due to authentication, e.g. banking.

Configure basic authentication in Apache Web Server

In this article, we configure basic authentication to secure the Apache web directory, which contains sensitive information on the Apache web server, and grant access to users who are authorized to do so.

Steps to configure basic authentication with Apache Web Server:

Step: 1 Install the Apache Web Server package

Install the Apache web server package to configure basic authentication. You can install the httpd package either via the yum repository or via the rpm package.

[[email protected] ~]# yum -y install httpd   # Install Apache Webserver Package
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Install Process
Loading mirror speeds from cached hostfile
 * base: mirror.nbrc.ac.in
 * extras: mirrors.vonline.vn
 * updates: mirrors.aluhost.com
Resolving Dependencies
--> Running transaction check
---> Package httpd.x86_64 0:2.2.15-55.el6.centos.2 will be updated
---> Package httpd.x86_64 0:2.2.15-56.el6.centos.3 will be an update
--> Processing Dependency: httpd-tools = 2.2.15-56.el6.centos.3 for package: httpd-2.2.15-56.el6.centos.3.x86_64
--> Running transaction check
---> Package httpd-tools.x86_64 0:2.2.15-55.el6.centos.2 will be updated
---> Package httpd-tools.x86_64 0:2.2.15-56.el6.centos.3 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

==============================================================================================================================
 Package                      Arch                    Version                                  Repository                Size
==============================================================================================================================
Updating:
 httpd                        x86_64                  2.2.15-56.el6.centos.3                   updates                  834 k
Updating for dependencies:
 httpd-tools                  x86_64                  2.2.15-56.el6.centos.3                   updates                   79 k

Transaction Summary
==============================================================================================================================
Upgrade       2 Package(s)

Total download size: 913 k
Downloading Packages:
(1/2): httpd-2.2.15-56.el6.centos.3.x86_64.rpm                                                         | 834 kB     00:13     
(2/2): httpd-tools-2.2.15-56.el6.centos.3.x86_64.rpm                                                   |  79 kB     00:00     
------------------------------------------------------------------------------------------------------------------------------
Total                                                                                          56 kB/s | 913 kB     00:16     
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Updating   : httpd-tools-2.2.15-56.el6.centos.3.x86_64                                                                  1/4 
  Updating   : httpd-2.2.15-56.el6.centos.3.x86_64                                                                        2/4 
  Cleanup    : httpd-2.2.15-55.el6.centos.2.x86_64                                                                        3/4 
  Cleanup    : httpd-tools-2.2.15-55.el6.centos.2.x86_64                                                                  4/4 
  Verifying  : httpd-2.2.15-56.el6.centos.3.x86_64                                                                        1/4 
  Verifying  : httpd-tools-2.2.15-56.el6.centos.3.x86_64                                                                  2/4 
  Verifying  : httpd-tools-2.2.15-55.el6.centos.2.x86_64                                                                  3/4 
  Verifying  : httpd-2.2.15-55.el6.centos.2.x86_64                                                                        4/4 

Updated:
  httpd.x86_64 0:2.2.15-56.el6.centos.3                                                                                       

Dependency Updated:
  httpd-tools.x86_64 0:2.2.15-56.el6.centos.3                                                                                 

Complete!

The Apache web server package was successfully installed. Now start the httpd service with the following command.

[[email protected] ~]# /etc/init.d/httpd start   # Start the Apache Webserver Service
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain for ServerName
                                                           [  OK  ]

Now open your web browser and type http: // localhost to confirm whether the Apache web server is working properly or not. Follow the snapshot below.

How to configure basic authentication in Apache Web Server

Apache Wen Server basic authentication

As we can see in the snapshot above, the Apache web server default page opens without authentication. Here is an example where I use the default Apache web server page as my website. I’m going to show you how to configure authentication so that it asks for username and password when opening.

Step: 2 Create a password file for basic Apache authentication

For basic authentication with the Apache web server, we need a user name and password. Here we have a tool that comes with the installation of the Apache package, i.e. htpasswd, So let’s create a username and password htpasswd Command. Follow the command below.

After executing the command, you will be asked to enter a password. So enter the password twice for confirmation.

Note: This username and password are used to access the website.

[[email protected] ~]# htpasswd -c /etc/httpd/.htpasswd itsmarttricks # Create Password File for Authentication
New password: 
Re-type new password: 
Adding password for user itsmarttricks

Where :

.htpasswd is the password file that contains the username and password for basic Apache authentication / etc / httpd Directory.

itsmarttricks is the username.

You can confirm the availability of users in /etc/httpd/.htpasswd File from below command.

[[email protected] ~]# cat /etc/httpd/.htpasswd    # Check the Password file
itsmarttricks:QmQxg1A7TcQlw

Step: 3 Create a virtual host in Apache Web Server

To create a VirtualHost in the Apache web server, simply edit the main configuration file, i.e. H. /etc/httpd/conf/httpd.conf and go to the end of the file and add the following lines.

Note: Here is my practice lab. I use the default Apache Web Server page as my website. Configure basic authentication so that the user name and password are asked for when opening.

To configure authentication, simply add your VirtualHost before the following lines Syntax:

AuthType BasicAuthName “Authentication Required”AuthUserFile /etc/httpd/.htpasswdRequest a valid user

See the configuration below. (Configuration parts are highlighted in blue)

# Add VirtualHost in Apache main configuration file with Directory Rescriction

### Apache Authentication ###

ServerAdmin [email protected]
    DocumentRoot /var/www/html
    ServerName itsmarttricks.com
    ErrorLog logs/www.google.com-error_log
    CustomLog logs/itsmarttricks.com-access_log common
        
        AuthType Basic
        AuthName "Authentication Required"
        AuthUserFile /etc/httpd/.htpasswd
        Require valid-user
        

### Apache Authentication ###

Where :

  • & – Syntax for starting and closing VirtualHost.
  • server Admin – To mention the webmaster’s email.
  • Root document – Location of the document (files & directories) on your website.
  • server name – Domain name of your website e.g: itsmarttricks.com
  • error log – To mention the location of the log file for your Apache Web Server errors.
  • CustomLog – To mention the location of the log file for Apache access logs.
  • & – To add some additional features to your VirtualHost e.g: Here we add basic authentication for our VirtualHost.
  • authentication type – To mention the authentication type, e.g. B.: Here we use basic authentication.
  • AuthName – To mention the message displayed on your authentication page.
  • AuthUserFile – To mention the file path that contains information about username and password, e.g. B .: Here it is /etc/httpd/.htpasswd
  • Require – valid user – So that it only takes the user who is available in .htpasswd File.

Now restart the Apache service for the changes to take effect.

[[email protected] ~]# /etc/init.d/httpd restart   # Restart the Apache Webserver Service
Stopping httpd:                                            [  OK  ]
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain for ServerName
                                                           [  OK  ]

We are done with all necessary changes. Now it’s time to test it. So let’s access the Apache web server default page and I’m sure you’ll be asked for username and password.

How to configure basic authentication in Apache Web Server

Apache Wen Server basic authentication

As we can see above, Apache Web Server asks for username and password when we try to access the default website. Enter the username and password here that you need to create using the htpasswd command in step 2 above.

That’s all. In this article, we explained how to configure Basic authentication in Apache web server, I hope you like this article. If you like this article, just share it. If you have any questions about this article, please comment

Sidebar