Apache Web Server is a huge application with some useful features like SSL configuration, website authentication and so on. This article explains how to configure basic authentication in Apache Web Server. The first thing that comes to mind is what authentication is and why we need it. Let me explain what authentication is. Authentication is nothing more than a process that requires you to identify yourself in order to access something.
Let’s take a simple example: Suppose you want to access your Gmail account or another email account. To do this, you need to enter your email ID and password so that only you can access your emails. This means that you have released your personal data (name, address, mobile phone number, etc.) to Google for the generation of this email ID and password. Only through the authentication process are we able to securely store our valuable and confidential data in web directories. Nowadays, all important work is only secure due to authentication, e.g. banking.
In this article, we configure basic authentication to secure the Apache web directory, which contains sensitive information on the Apache web server, and grant access to users who are authorized to do so.
Steps to configure basic authentication with Apache Web Server:
Step: 1 Install the Apache Web Server package
Install the Apache web server package to configure basic authentication. You can install the httpd package either via the yum repository or via the rpm package.
[[email protected] ~]# yum -y install httpd # Install Apache Webserver Package Loaded plugins: fastestmirror, refresh-packagekit, security Setting up Install Process Loading mirror speeds from cached hostfile * base: mirror.nbrc.ac.in * extras: mirrors.vonline.vn * updates: mirrors.aluhost.com Resolving Dependencies --> Running transaction check ---> Package httpd.x86_64 0:2.2.15-55.el6.centos.2 will be updated ---> Package httpd.x86_64 0:2.2.15-56.el6.centos.3 will be an update --> Processing Dependency: httpd-tools = 2.2.15-56.el6.centos.3 for package: httpd-2.2.15-56.el6.centos.3.x86_64 --> Running transaction check ---> Package httpd-tools.x86_64 0:2.2.15-55.el6.centos.2 will be updated ---> Package httpd-tools.x86_64 0:2.2.15-56.el6.centos.3 will be an update --> Finished Dependency Resolution Dependencies Resolved ============================================================================================================================== Package Arch Version Repository Size ============================================================================================================================== Updating: httpd x86_64 2.2.15-56.el6.centos.3 updates 834 k Updating for dependencies: httpd-tools x86_64 2.2.15-56.el6.centos.3 updates 79 k Transaction Summary ============================================================================================================================== Upgrade 2 Package(s) Total download size: 913 k Downloading Packages: (1/2): httpd-2.2.15-56.el6.centos.3.x86_64.rpm | 834 kB 00:13 (2/2): httpd-tools-2.2.15-56.el6.centos.3.x86_64.rpm | 79 kB 00:00 ------------------------------------------------------------------------------------------------------------------------------ Total 56 kB/s | 913 kB 00:16 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Updating : httpd-tools-2.2.15-56.el6.centos.3.x86_64 1/4 Updating : httpd-2.2.15-56.el6.centos.3.x86_64 2/4 Cleanup : httpd-2.2.15-55.el6.centos.2.x86_64 3/4 Cleanup : httpd-tools-2.2.15-55.el6.centos.2.x86_64 4/4 Verifying : httpd-2.2.15-56.el6.centos.3.x86_64 1/4 Verifying : httpd-tools-2.2.15-56.el6.centos.3.x86_64 2/4 Verifying : httpd-tools-2.2.15-55.el6.centos.2.x86_64 3/4 Verifying : httpd-2.2.15-55.el6.centos.2.x86_64 4/4 Updated: httpd.x86_64 0:2.2.15-56.el6.centos.3 Dependency Updated: httpd-tools.x86_64 0:2.2.15-56.el6.centos.3 Complete!
The Apache web server package was successfully installed. Now start the httpd service with the following command.
[[email protected] ~]# /etc/init.d/httpd start # Start the Apache Webserver Service Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain for ServerName [ OK ]
Now open your web browser and type http: // localhost to confirm whether the Apache web server is working properly or not. Follow the snapshot below.
As we can see in the snapshot above, the Apache web server default page opens without authentication. Here is an example where I use the default Apache web server page as my website. I’m going to show you how to configure authentication so that it asks for username and password when opening.
Step: 2 Create a password file for basic Apache authentication
For basic authentication with the Apache web server, we need a user name and password. Here we have a tool that comes with the installation of the Apache package, i.e. htpasswd, So let’s create a username and password htpasswd Command. Follow the command below.
After executing the command, you will be asked to enter a password. So enter the password twice for confirmation.
Note: This username and password are used to access the website.
[[email protected] ~]# htpasswd -c /etc/httpd/.htpasswd itsmarttricks # Create Password File for Authentication New password: Re-type new password: Adding password for user itsmarttricks
.htpasswd is the password file that contains the username and password for basic Apache authentication / etc / httpd Directory.
itsmarttricks is the username.
You can confirm the availability of users in /etc/httpd/.htpasswd File from below command.
[[email protected] ~]# cat /etc/httpd/.htpasswd # Check the Password file itsmarttricks:QmQxg1A7TcQlw
Step: 3 Create a virtual host in Apache Web Server
To create a VirtualHost in the Apache web server, simply edit the main configuration file, i.e. H. /etc/httpd/conf/httpd.conf and go to the end of the file and add the following lines.
Note: Here is my practice lab. I use the default Apache Web Server page as my website. Configure basic authentication so that the user name and password are asked for when opening.
To configure authentication, simply add your VirtualHost before the following lines Syntax:
See the configuration below. (Configuration parts are highlighted in blue)
# Add VirtualHost in Apache main configuration file with Directory Rescriction ### Apache Authentication ###
ServerAdmin [email protected] DocumentRoot /var/www/html ServerName itsmarttricks.com ErrorLog logs/www.google.com-error_log CustomLog logs/itsmarttricks.com-access_log common### Apache Authentication ### AuthType Basic AuthName "Authentication Required" AuthUserFile /etc/httpd/.htpasswd Require valid-user
&– Syntax for starting and closing VirtualHost.
- server Admin – To mention the webmaster’s email.
- Root document – Location of the document (files & directories) on your website.
- server name – Domain name of your website e.g: itsmarttricks.com
- error log – To mention the location of the log file for your Apache Web Server errors.
- CustomLog – To mention the location of the log file for Apache access logs.
&– To add some additional features to your VirtualHost e.g: Here we add basic authentication for our VirtualHost.
- authentication type – To mention the authentication type, e.g. B.: Here we use basic authentication.
- AuthName – To mention the message displayed on your authentication page.
- AuthUserFile – To mention the file path that contains information about username and password, e.g. B .: Here it is /etc/httpd/.htpasswd
- Require – valid user – So that it only takes the user who is available in .htpasswd File.
Now restart the Apache service for the changes to take effect.
[[email protected] ~]# /etc/init.d/httpd restart # Restart the Apache Webserver Service Stopping httpd: [ OK ] Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain for ServerName [ OK ]
We are done with all necessary changes. Now it’s time to test it. So let’s access the Apache web server default page and I’m sure you’ll be asked for username and password.
As we can see above, Apache Web Server asks for username and password when we try to access the default website. Enter the username and password here that you need to create using the htpasswd command in step 2 above.
That’s all. In this article, we explained how to configure Basic authentication in Apache web server, I hope you like this article. If you like this article, just share it. If you have any questions about this article, please comment