@neolaw84
Created May 6, 2021 10:01
Black Box App Needs Basic Authentication

Situation

We have a black box app (written in who-knows-what language). This is usually the situation when the app runs in a Docker container. We need to enable very basic user/password authentication (to secure the site's content and to reduce the chance of DDoS).

Action

Note: it is better to install and use WSGI parallel servers such as gunicorn but sometimes, for a docker app, that boat has already sailed.

We are referring to:

  1. Install nginx and apache2-utils

     sudo apt-get install nginx apache2-utils

  2. Check nginx is working

     sudo systemctl status nginx
     curl http://127.0.0.1:80

  3. Create the password file

     sudo htpasswd -c /etc/apache2/.htpasswd user1
     sudo htpasswd /etc/apache2/.htpasswd user2
     # repeat for all users

  4. Create a new nginx file

     sudo nano /etc/nginx/sites-available/myproject

     server {
       listen 80;
       server_name your_domain www.your_domain;

       location / {
         include proxy_params;
         proxy_pass http://localhost:<port>;

         auth_basic           "Administrator's Area";
         auth_basic_user_file /etc/apache2/.htpasswd;
       }
     }

     You may omit the server_name line if you want to accept any host name (*).

     Also note that the double quotes around values (for example "Administrator's Area") must be straight, not curly.

  5. Soft-link that file and delete the default profile

     sudo ln -s /etc/nginx/sites-available/myproject /etc/nginx/sites-enabled
     sudo rm -f /etc/nginx/sites-enabled/default

  6. Restart nginx and check if the app is served via nginx

     sudo systemctl restart nginx

Results

The application now has rudimentary HTTP authentication.
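
The password prompt only applies to requests that pass through nginx, so the app's own port must not be reachable from other hosts. The check below is an added example, not part of the original gist; the function name exposed_listeners, the ports 8080 and 9090 and the sample `ss -ltn` output are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the gist. nginx only protects requests that pass
# through it: if the container publishes the app port on all interfaces,
# clients can reach the app directly and skip the password prompt.

# exposed_listeners PORT
# Reads `ss -ltn` output on stdin and prints every local address that listens
# on PORT on a non-loopback interface. Returns 1 if any were found, else 0.
exposed_listeners() {
  awk -v port="$1" '
    $1 == "LISTEN" {
      addr = $4                           # "Local Address:Port" column
      n = split(addr, parts, ":")
      if (parts[n] != port) next          # some other service
      host = substr(addr, 1, length(addr) - length(parts[n]) - 1)
      if (host ~ /^127\./ || host == "[::1]") next   # loopback only: fine
      print addr
      found = 1
    }
    END { exit (found ? 1 : 0) }
  '
}

# Constructed sample of `ss -ltn` output; 8080 and 9090 are assumed app ports.
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      511    0.0.0.0:80         0.0.0.0:*
LISTEN 0      4096   0.0.0.0:8080       0.0.0.0:*
LISTEN 0      4096   127.0.0.1:9090     0.0.0.0:*
LISTEN 0      4096   [::1]:9090         [::]:*'

for p in 8080 9090; do
  if hits=$(printf '%s\n' "$SAMPLE_SS" | exposed_listeners "$p"); then
    echo "port $p: loopback only, reachable only through nginx"
  else
    echo "port $p: EXPOSED on $hits (bypasses auth_basic)"
  fi
done

# On the real host (assumption: the app listens on APP_PORT):
#   ss -ltn | exposed_listeners "$APP_PORT"
```

If the app port is reported, publish the container on loopback only (for example `docker run -p 127.0.0.1:<port>:<port> ...`) or block the port with a firewall.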
