This document discusses configuring Nginx to restrict Access with HTTP Basic Authentication www.johnvincent.io website.

For extensive discussions regarding www.johnvincent.io, please see Overview of johnvincent.io website

Configuring Nginx to implement HTTP Basic Authentication

The goal is to password protect certain folders and pages.

Excellent references

• [Restricting Access with HTTP Basic Authentication

](https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/)

• How To Set Up Password Authentication with Nginx on Ubuntu 14.04

Install Apache Utilities

sudo apt-get update
sudo apt-get install apache2-utils

Create Password File

Add a username

cd
cd tmp
sudo htpasswd -c /etc/nginx/.htpasswd jv

Add encrypted password

sudo sh -c "openssl passwd -apr1 >> /etc/nginx/.htpasswd"

Configuring Nginx

cd /etc/nginx/sites-available/https
sudo vi johnvincent.io

Add

location /protected {
    auth_basic           “Private Area”;
    auth_basic_user_file /etc/nginx/.htpasswd; 
}

Restart Nginx

nginx-restart

Remove from Site Map

Password protected pages need to be removed from the site map to prevent issues with Google Search. For details, see Google Coverage Issues

Problems

If get 401 Authorization Required and no sign in form

• Try another browser
• Open Devtools and re-try
• For PWAs, stop service worker, clear the cache and re-try.

Even then, may be necessary to refresh and re-try.