How To Configure Apache Web Page Authentication on Ubuntu / Debian

Cpanel/Whm License $3/mo Plesk License $10/mo Cloudlinux License $5/mo

(: June 21, 2019)

How can I secure an Apache web page with Password Authentication on Ubuntu / Debian web server?. How to use Basic Authentication to limit access to specific web pages on Apache?. After installing and configuring your Apache web server, you may want to configure password authentication for a web page. This guide will cover how to set up a password protected directory using basic authentication.

Apache web server can be installed on Ubuntu or Debian server/workstation by running the command below.

sudo apt update
sudo apt -y install apache2

Confirm that the service is started.{text-align:left} img{margin:0 auto 0 0}
$ systemctl status  apache2
* apache2.service - The Apache HTTP Server
   Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
  Drop-In: /lib/systemd/system/apache2.service.d
   Active: active (running) since Fri 2019-06-21 12:21:47 PDT; 32s ago
 Main PID: 3797 (apache2)
    Tasks: 55 (limit: 1110)
   CGroup: /system.slice/apache2.service
           |-3797 /usr/sbin/apache2 -k start
           |-3799 /usr/sbin/apache2 -k start
           `-3800 /usr/sbin/apache2 -k start

Jun 21 12:21:47 ubuntu-01 systemd[1]: Starting The Apache HTTP Server...
Jun 21 12:21:47 ubuntu-01 apachectl[3771]: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using
Jun 21 12:21:47 ubuntu-01 systemd[1]: Started The Apache HTTP Server.

The following test page should be visible on the server’s IP address/hostname.

Configure Apache password protected directory using basic authentication.

After installing Apache web server, install Basic Authentication packages.

sudo apt -y install apache2-utils pwauth libapache2-mod-authnz-external 

Then create Apache website configuration file under /etc/apache2/sites-available directory.

sudo tee /etc/apache2/sites-available/secure-page.conf<<EOF
<Directory /var/www/html/secured>
    AuthType Basic
    AuthName "Basic Authentication"
    AuthUserFile /etc/apache2/.htpasswd
    require valid-user

Add users to the Basic Authentication file.

$ sudo htpasswd -c /etc/apache2/.htpasswd webuser1
New password: 
Re-type new password: 
Adding password for user webuser1

The “-c” option is used to create a file during initial setup. To update file by adding other users, use:

$ sudo htpasswd /etc/apache2/.htpasswd webuser2
New password: 
Re-type new password: 
Adding password for user webuser2

The file with users will have:

$ cat /etc/apache2/.htpasswd

Now enable secure website.

$ sudo a2ensite secure-page
Enabling site secure-page.
To activate the new configuration, you need to run:
  systemctl reload apache2

Create secure website directory.

sudo mkdir -p /var/www/html/secured

Add content to the directory for testing.

sudo tee /var/www/html/secured/index.html<<EOF
<div style="width: 100%; font-size: 50px; font-weight: bold; text-align: center;">
My secure web page - Using Basic Auth

Restart Apache service.

sudo systemctl restart apache2

Test access to the page.

When asked for username and password, authenticate with credentials configured earlier.

We have confirmed basic authentication to be working for accessing a secure web page. The same procedure applies to secure existing web pages on your server.

You can also check.

Secure LDAP Server with SSL/TLS on Ubuntu

Best secure Backup Application for Linux, macOS & Windows

How To Secure GitLab Server with SSL Certificate

How to Set Secure Password Policy on Zimbra{text-align:left} img{margin:0 auto 0 0}

Related posts

Israeli VC Fund Offers $50k Bounty for Cost-Cutting AppCoin


BitFury Names Former Justice Department Official to Advisory Board


Tradehill halts bitcoin trading due to IAFCU “operational and regulatory issues”


Accountancy Platform Xero Adds Veem’s Bitcoin-Powered Payments


How To FreeBSD Remount Partition


Coinbase, Ripple Blast Company Creating Tokens in Their Name


Nigeria Warned its Citizens About Onecoin and Bitcoin This Week


MySQL Empty Database / Delete or Drop All Tables


Ethereum’s Reddit Moderators Resign Amid Controversy


This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More