Home>

nginx can set password authentication for websites or directories or even specific files.The password must be crypt-encrypted. You can use apache's htpasswd to create passwords.

The format is:

htpasswd -b -c site_pass username password

site_pass is the password file.Placed in the same directory as the nginx configuration file,Of course you can also put it in other directories,In the nginx configuration file, you must specify the absolute address or the address relative to the current directory.

If you enter the htpasswd command prompt when no command is found,You need to install httpd. If it is centos, you can execute the following to install,

yum install httpd

If you don't want to install httpd, you can use a perl script to implement it (the code is as follows :)

#!/usr/bin/perl -w
#filename:add_ftp_user.pl
use strict;
#
print "#example:user:passwd \ n";
while (<stdin>) {
  exit if ($_=~/^ \ n /);
  chomp;
  (my $user, my $pass)=split /:/, $_, 2;
  my $crypt=crypt $pass, "$1 $". gensalt (8);
  print "$user:$crypt \ n";
}
sub gensalt {
  my $count=shift;
  my @salt=(".", "/", 0 .. 9, "a" .. "z", "a" .. "z");
  my $s;
  $s.=$salt [rand @salt] for (1 .. $count);
  return $s;
}
Give the script executable permissions:
chmod o + x add_user.pl

How to use the script:

./add_user.pl
user:password

Paste the generated username and password into/usr/local/nginx/conf/vhost/nginx_passwd file

If it ’s to add certification to your site,You can write the authentication statement directly in the nginx configuration server section.

If it ’s to add authentication to the directory,It needs to be written in the form of a directory.At the same time, add PHP to the directory, otherwise PHP will be downloaded and not executed.

For example:authentication based on the entire website,auth_basic before php explanation.

server
{
  listen 80;
  root /www/jb51.net;
  index index.html index.htm index.php;
  auth_basic "input you user name and password";
  auth_basic_user_file/usr/local/nginx/conf/vhost/nginx_passwd;
  location ~ .php $
  {
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
    include fastcgi_params;
  }
  location ~ /\.ht
  {
    deny all;
  }
  access_log /logs/jb51.net_access.log main;
}

Certification for directories,In a separate location, and nest a location explaining php in that location, otherwise the php file will not be executed and will be downloaded.auth_basic is after the nested location.

server
{
  listen 80;
  root /www/jb51.net;
  index index.html index.htm index.php;
  location ~ ^/admin /.*
  {
  location ~ \ .php $
  {
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
    include fastcgi_params;
  }
  auth_basic "auth";
  auth_basic_user_file /usr/local/nginx/conf/vhost/auth/admin.pass;
  }
  location ~ .php $
  {
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
    include fastcgi_params;
  }
  location ~ /\.ht
  {
    deny all;
  }
  access_log /logs/jb51.net_access.log main;
}

Here's a detail,It is location ~ ^/admin /.* {…} to protect all files in the admin directory.If you only set/admin/then enter /admin/index.php directly can still be accessed and run. ^/admin /.* means to protect all files in this directory.Of course, only one authentication is required.Authentication is not required every time or every file.

htpasswd

Now that htpasswd is used, let's introduce its basic use by the way.

htpasswd parameter

-c creates passwdfile. If passwdfile already exists,Then it will rewrite and delete the original content.

-n Do not update passwordfile, directly display the password

-m use md5 encryption (default)

-d use crypt encryption (default)

-p use password in plain text format

-s use sha encryption

-b Enter the username and password together in the command line instead of entering the password as prompted,You can see the plain text,No interaction required

-d delete the specified user

Examples1. How do I add a user using the htpasswd command?

#/usr/local/apache/bin/htpasswd -bc linuxeye_pd linuxeye_user linuxeye_password
adding password for user linuxeye_user
#cat linuxeye_pd
linuxeye_user:$apr1 $mugpp3fe $zgsi7/jfqihfxplgqo/wx /

Generate a linuxeye_pd file in the current directory, username linuxeye_user, password:linuxeye_password, default md5 encryption method

2. How to add the next user to the original password file?

#/usr/local/apache/bin/htpasswd -b linuxeye_pd linuxeye.com linuxeye.com
adding password for user linuxeye.com
#cat linuxeye_pd
linuxeye_user:$apr1 $mugpp3fe $zgsi7/jfqihfxplgqo/wx /
linuxeye.com:$apr1 $/8euopyi $4mbxypzotrsdcttdzvtet0

Be sure to remove the -c option, otherwise overwrite the password file and create it again

3. How to not update the password file,Only show encrypted username and password?

#/usr/local/apache/bin/htpasswd -n linuxeye
new password:
re-type new password:
linuxeye:$apr1 $bz6gclc4 $zkrap.0badzzixloxpdnv0
#/usr/local/apache/bin/htpasswd -nb linuxeye linuxeye_password
linuxeye:$apr1 $yvngdkgv $qrnlrij.mxiu52vmo.roe1

4. How to delete username and password using htpasswd command?

#/usr/local/apache/bin/htpasswd -d linuxeye_pd linuxeye_user
deleting password for user linuxeye_user
#cat linuxeye_pd
linuxeye.com:$apr1 $/8euopyi $4mbxypzotrsdcttdzvtet0

5. How do I change the password using the htpasswd command?

#/usr/local/apache/bin/htpasswd -d linuxeye_pd linuxeye.com
deleting password for user linuxeye.com
#/usr/local/apache/bin/htpasswd -b linuxeye_pd linuxeye.com linuxeye_passwd
adding password for user linuxeye.com
#cat linuxeye_pd
linuxeye.com:$apr1 $74zvb1vc $/b7etmg8xhdpieyj0b0ce.
  • Previous Strnatcmp () function "natural sort algorithm" in PHP for string comparison usage analysis (compared to strcmp functio
  • Next Java implements SSH mode encryption