Securing a Backend Service with Nginx and Basic Authentication

With Nginx it's very easy to expose a backend service via Basic Authentication.

Given you already have SSL (Secure Sockets Layer) configured this can be a valid and quick solution.

location ^~ /sample-monster-generator {
  auth_basic "Planets Testers Only";
  auth_basic_user_file /etc/nginx/htaccess.planets;
  proxy_pass http://localhost:666;
}

BEWARE: Before you consider this option for your performance tests you should step back an read this:

Like Apache: .htaccess

You can’t do this. You shouldn’t. If you need .htaccess, you’re probably doing it wrong.

Anyway there are use-cases for this scenario. We need htaccess:

$ apt-get install apache2-utils

...and create /etc/nginx/htaccess.planets with

$ htpasswd -c htaccess.planets fluffi

Real World Example: Jenkins

Given your Jenkins is up and running locally and you want to use Nginx as proxy.

    location ^~ /jenkins {
    auth_basic "Jenkins Users Only";
    auth_basic_user_file /etc/nginx/htaccess.jenkins;
    proxy_pass          http://127.0.0.1:8080;
}
Show Comments