How to set login Authentication ( Username / Password ) to Apache webserver in Ubuntu ?

If you have allready installed apache webserver on ubuntu using “How to install Apache webserver on Ubuntu ?” , sometimes its good that we need to set the login authentication with username and password to apache so that it can be blocked from open access. This post briefs about the same.

$ sudo apt install apache2-utils 
$ sudo htpasswd -c /etc/apache2/.htpasswd testuser
New password: 
Re-type new password: 
Adding password for user testuser

We set the password to “test123$5”, you can check if the username and password is created using below command,

$ cat /etc/apache2/.htpasswd
testuser:$apr1$vr1F8iOL$NetuQDTEyrOo7SQB4lUF91 

this shows that, we created “testuser” and next string is encrypted password.

Now, Add following lines to /etc/apache2/sites-enabled/000-default.conf, this will set the login username, password to complete directory “/var/www/html/” , you may decide to change it to any other directory inside “/var/www/html/”

       <Directory "/var/www/html/">
           AuthType Basic
           AuthName "Restricted Content"
           AuthUserFile /etc/apache2/.htpasswd
           Require valid-user
       </Directory>
$ vim /etc/apache2/sites-enabled/000-default.conf 
<VirtualHost *:80>
        # The ServerName directive sets the request scheme, hostname and port that
        # the server uses to identify itself. This is used when creating
        # redirection URLs. In the context of virtual hosts, the ServerName
        # specifies what hostname must appear in the request's Host: header to
        # match this virtual host. For the default virtual host (this file) this
        # value is not decisive as it is used as a last resort host regardless.
        # However, you must set it for any further virtual host explicitly.
        #ServerName www.example.com

        ServerAdmin [email protected]
        DocumentRoot /var/www/html

        # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
        # error, crit, alert, emerg.
        # It is also possible to configure the loglevel for particular
        # modules, e.g.
        #LogLevel info ssl:warn

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        # For most configuration files from conf-available/, which are
        # enabled or disabled at a global level, it is possible to
        # include a line for only one particular virtual host. For example the
        # following line enables the CGI configuration for this host only
        # after it has been globally disabled with "a2disconf".
        #Include conf-available/serve-cgi-bin.conf

       <Directory "/var/www/html/">
           AuthType Basic
           AuthName "Restricted Content"
           AuthUserFile /etc/apache2/.htpasswd
           Require valid-user
       </Directory>

</VirtualHost>

Now, restart apache webserver and check if you have login, password enabled as,

$ sudo systemctl restart apache2 
$ sudo systemctl status apache2 

Now, visit http://localhost and it should ask username & password.

Follow Lynxbee

Leave a Reply / Ask Question