WEBVTT

00:00.720 --> 00:07.530
So in the last chapter we were looking into the basic type of HTTP authentication.

00:07.530 --> 00:11.630
So we looked into the overview on how exactly it works.

00:11.640 --> 00:17.820
So in this video, we'll look into how we can implement HTTP basic authentication in Nginx.

00:20.040 --> 00:28.440
So the very first thing that you have to verify is if the httpd-tools package is installed, because this

00:28.440 --> 00:31.860
basically will be useful in the basic authentication.

00:31.860 --> 00:37.860
So you can say httpd-tools and you can see it is installed.

00:37.860 --> 00:40.860
So if it is not installed, you can do yum

00:41.070 --> 00:46.170
install httpd-tools and this will be good enough.

00:48.160 --> 00:53.740
So we have two pages, so I'll show you the configuration.

00:55.930 --> 00:58.320
So here we have two location directives.

00:58.330 --> 01:02.020
One is location for root and one is admin page.

01:02.230 --> 01:08.590
Now we have already discussed admin page contains secret data, so this is something that we want to

01:08.590 --> 01:10.480
have an authentication for.

01:11.020 --> 01:22.930
So if I go to the browser and let me open example.com slash admin and here you see the admin page is

01:22.930 --> 01:23.800
not protected.

01:24.280 --> 01:30.070
So let's use the HTTP basic authentication and protect this particular page.

01:32.940 --> 01:42.770
So within the admin location directive, because this is where we actually want to protect our page,

01:42.780 --> 01:44.730
we'll say auth underscore basic.

01:46.490 --> 01:49.530
Followed by the name that you can give any name.

01:49.550 --> 01:51.020
I'll say basic authentication.

01:51.020 --> 01:52.640
So this becomes the realm.

01:58.680 --> 02:01.530
Followed by the auth underscore basic user.

02:04.880 --> 02:06.500
Let's take it.

02:07.130 --> 02:10.460
nginx dot password.

02:11.450 --> 02:14.150
So basically the first

02:15.270 --> 02:22.380
line signifies that this is going to be basic authentication and for server to verify the password and

02:22.380 --> 02:23.520
username is correct.

02:23.550 --> 02:25.080
This is a particular file.

02:25.080 --> 02:32.130
So in nginx dot password the username and password will be stored.

02:32.580 --> 02:34.140
So I'll just save it.

02:34.470 --> 02:38.160
And this is nginx directory.

02:38.160 --> 02:40.770
So let's create our own password file.

02:42.000 --> 02:42.540
Password.

02:43.020 --> 02:43.860
Password.

02:46.910 --> 02:47.540
C.

02:47.810 --> 02:48.890
And it is.

02:49.610 --> 02:50.870
Say is the password.

02:51.590 --> 02:53.690
C stands for create a new file.

02:55.220 --> 02:57.290
We also have to specify the username.

02:57.290 --> 02:58.970
So let's say username is admin.

03:01.390 --> 03:01.810
Oops.

03:03.270 --> 03:05.070
It's the password.

03:06.180 --> 03:09.180
So for admin it is asking me for a password.

03:09.180 --> 03:15.810
I'll say password and it created a password.

03:16.080 --> 03:23.610
So if I do a cat password file, you see there is an admin followed by the password associated with

03:23.610 --> 03:23.910
it.

03:25.340 --> 03:30.350
So let's verify if the nginx configuration changes are successful.

03:30.350 --> 03:31.400
And it is.

03:32.000 --> 03:34.160
So let me reload the nginx.

03:36.040 --> 03:39.490
And let's open the

03:40.460 --> 03:42.170
browser and let's refresh.

03:42.260 --> 03:48.380
And now you see it is asking for username and password when we go to slash admin.

03:48.500 --> 03:55.010
So this is basically how basic authentication in HTTP is implemented.

03:55.280 --> 04:03.500
So again, if you want to implement basic authentication, always try to use it along with the HTTPS

04:03.500 --> 04:04.430
or SSL.

04:04.730 --> 04:08.000
Otherwise, this is a big security vulnerability.

04:08.360 --> 04:13.310
So I hope this lecture has been informative for you and I'd like to thank you for viewing.
