Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [http-basic-authentication]

250 questions
3
votes
1 answer

nginx authentication and custom error page

I'm trying to set up my server so that it requires authentication before browsing any file on the domain. However, I want to display a custom error page (placeholder.html) when someone fails to authenticate. I tried the server configuration listed…
Joost
  • 177
  • 1
  • 9
3
votes
1 answer

IIS Basic Authentication only protects directories, not individual files?

I really hope this isn't a duplicate, but I wasn't able to find anything like this on here. My issue is: I have a subdirectory on a Windows (not sure if 2008 R2 or 2012) server with IIS 8.5 that I want to protect with basic authentication. I've…
Christian
  • 199
  • 1
  • 2
  • 9
3
votes
1 answer

How to disable nginx basic_auth for one location but enable it for the rest of the site

I'm trying to get basic_auth disabled for a specific directory (/api/), but still have basic auth for the rest of the site I'm working with. The following is my nginx.conf: server { # base settings listen 80; server_name…
user219872
  • 31
  • 1
  • 1
  • 2
3
votes
1 answer

Apache SSL Certificate and Basic Auth combination - password if no certificate

Is it possible, to force apache to ask for password only if user don't have client-certificate installed? I'm almost sure, that this is possible, but I'm not able to find any confirmation anywhere. Is it possible to configure apache to act like…
Lisek
  • 199
  • 1
  • 6
  • 15
3
votes
2 answers

Authentication request to change http to https

On my server that works with nginx, access is protected by a basic http authentication. I am currently developing a piece of code that requires HTTPS redirection, and when this redirection occurs, I have a new authentication popup. How can I avoid a…
Flug
  • 131
  • 1
  • 1
  • 8
3
votes
2 answers

Apache2 with basic auth: exclude one location from auth (weird behaviour)

I have basic auth set for Directory / and want to exclude Location /assets/upload, but it just won't work, I have tried several options and tutorials. This Location directive clears the Directory auth config and disables basic auth for the whole…
mplattner
  • 131
  • 1
  • 1
  • 3
3
votes
2 answers

git refuses to send credentials over HTTP

curl seems to work fine, but git does not. git asks for a password, but then doesn't send any credentials. Works: curl --netrc http://test.git.unsw.edu.au/ and curl -u username:password http://test.git.unsw.edu.au/ Doesn't work: git remote…
Jayen
  • 1,827
  • 3
  • 16
  • 27
3
votes
0 answers

Nginx as a proxy doesn't allow to access backend (Apache) content which is password protected

I have apache as a backend and nginx as a frontend. Some content is password-protected by Apache (HTTP Auth). When I access it directly - everything works fine, bur when I try it through nginx - seems like nginx doesn't forward or cache the…
Andrey Zentavr
  • 161
  • 1
  • 1
  • 5
3
votes
1 answer

Nginx PHP-FPM Basic Auth

I have nginx with php-fpm installed on Debian Squeeze. Directory tree is: /var/www/mysite index.php secret_folder_1 admin.php static.html secret_folder_2 admin.php static.html pictures img01.jpg I need to close secret_folder_1 and…
Lari13
  • 285
  • 1
  • 3
  • 8
3
votes
4 answers

Basic Auth on DirectoryIndex Only

I am trying to configure basic auth for my index file, and only my index file. I have configured it like so: Order allow,deny Allow from all AuthType Basic AuthName "Some Auth" AuthUserFile…
Brad
  • 1,389
  • 20
  • 43
3
votes
3 answers

Apache redirect to https for basic auth

I have a tricky variation on an old problem. I have an apache based site that should generally be accessed via http/port 80. However for certain areas protected areas that require authentication (designated by .htaccess), I want to be able to…
shreddd
  • 193
  • 2
  • 9
3
votes
2 answers

.htaccess - Exclude folder from basic auth protection

I have a website where no one is allowed to enter without entering the basic auth credentials. However, I need the media folder to be accessible by everyone, because we are using a third party extension which creates PDF's and we can only fully test…
Black
  • 419
  • 6
  • 18
3
votes
1 answer

Can I use rate-limiting with HTTP basic authentication in Apache?

So I'm running a few popular web applications on my server. I want these to be reachable from any computer without creating too many vulnerabilities. I am using Apache 2.4.29 as my HTTP server. My current idea for hiding potential security…
CodeFlo
  • 33
  • 4
2
votes
1 answer

Disabling (Apache) Basic Authentication for OPTIONS requests

I have Apache basic authentication enabled on a test server and it works great: AuthType Basic AuthName "testing" AuthUserFile /home/www/.htpasswd Require user MyUser deny from all But it is also trying to authenticate requests sent via the…
GIS-Jonathan
  • 123
  • 1
  • 4
2
votes
1 answer

How do I get Nginx to work with subdirectories? [Nginx, Let's Encrypt, basic auth]

What I want: I want to install Mautic in a subfolder of my web root. I have a domain https://example.com and I want Mautic to be accessible from https://example.com/mautic. What I have: I have a server with Ubuntu Server 18.04 Nginx 1.14.0 PHP…
Lukasz Pojezierski
  • 21
  • 4
1 2
3
16 17