Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [http-basic-authentication]

256 questions
1
vote
0 answers

basic auth for all pages except one

I have a wordpress page and want to add basic auth to the page, except for the wordpress rest api (url: localhost/wp-json/xyz)! The main problem seems to be the redirect that happens in the standard .htaccess of wordpress. Because of that I dont…
user1970122
  • 11
  • 2
1
vote
1 answer

Weird htaccess file

I am working on a client's site, and I spot this htaccess file. # -FrontPage- IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti* order deny,allow deny from all allow from all order…
Natalie Adams
  • 745
  • 1
  • 6
  • 16
1
vote
1 answer

Basic Auth in htaccess... only if in a specific subpath

We deploy the same code with the same .htaccess to Integration, Stage and Production. I want to require a basic auth on all but the Production server. They differ in the path, e.g. /data/stage/www/... vs. /data/prod/www/...
Zsolt Szilagy
  • 142
  • 9
1
vote
1 answer

Adding Basic Authentication to Nginx that contains existing Rewrite rules

I have images successfully served through a Nginx rewrite rule: # Rewrite part ============== location ~* "^/([a-z]{5})/([0-9]{5}).png$" { rewrite .* "/$1/image_handler.php?x=$2" last; } Now I need to add Basic Authentication to this service. I…
Jason
  • 121
  • 6
1
vote
0 answers

nginx Basic Authentication configuration on windows can't find user in auth_basic_user_file

I'm trying to set up basic authentication on an nginx 1.14.2 server on a Windows 7 machine. Here's my test configuration: worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type …
dee-see
  • 111
  • 6
1
vote
1 answer

Nginx. White-list top filter and no auth white-list and basic auth simultaneously

Can't find a way to build the next scheme. A whitelist of IPs ever allowed. Ban for most of the net. A sublist of whitelisted IPs allowed to bypass auth. A part of a local net, for example. Basic auth for the rest, allowed but not bypassing it…
Les
  • 13
  • 4
1
vote
1 answer

How can I access an environment variable set by a rewrite rule in an expression?

I am working on a Symfony 3.4 application which has public and private parts. However, I am currently setting up a staging system for this application which should only be accessed by authorized users, so I put an .htaccess basic authentication in…
Chris
  • 181
  • 2
  • 9
1
vote
2 answers

Nginx: Basic_auth is set up and working, but all protected pages return 404

I've set up basic auth on some pages on my site. Server logs are showing that the authentication is working, however, once I'm logged in all the protected pages return 404 errors - and not my actual 404 page either, but the generic Nginx 404 page.…
Lewy Blue
  • 151
  • 1
  • 7
1
vote
0 answers

Adding exception to nginx HTTP basic authentication based on being on the local network

I'm running an installation of a webapp running on a self-hosted server which is on my main network along with all our company PCs and a couple of other servers. We've decided we want to add HTTP basic authentication as an extra layer of security,…
shaneoh
  • 414
  • 3
  • 7
  • 19
1
vote
1 answer

Apache basic auth with LDAP and reverse proxy

So im using Apache 2.4, I want to set up a basic auth connected with LDAP and then, reverse proxy. The idea is to secure a webpage with this authorization. So here is my config: Order deny,allow Deny from All AuthType Basic AuthName…
Chrzciciel
  • 53
  • 1
  • 8
1
vote
0 answers

Apache - LDAP basic auth checked but not required

I need Apache, configured as Proxy pass, to check the Authorization: Basic ... header against an LDAP server, setting a custom header if credentials exist and are correct but passing the request to the downstream server even if auth is missing or…
Iacopo
  • 111
  • 3
1
vote
0 answers

Setting up Apache 2.4 reverse proxy with SSL and authentication both on proxy AND backend

Goal: a client authenticates against apache 2.4 reverse proxy with OTP (AuthType basic), is then forwarded to the backend server (apache 2.2) where further individual authentication is required (Kerberos). Client gets access after both factors…
MarkHelms
  • 181
  • 5
  • 16
1
vote
2 answers

Improve performance of Nginx with http auth and a lot of requests

I've got an PHP side running via fpm behind an Nginx server. For $reasons we need an http base auth in front of that setup, so I ended up in a setup like: #… server section …. auth_basic "Restricted"; auth_basic_user_file…
frlan
  • 573
  • 1
  • 8
  • 27
1
vote
1 answer

Getting 401.2 error with IIS basic authentication instead of a password prompt

When I deploy a web site locally in IIS on Windows 7 with a section in web.config allowing a single local user to authenticate, it works fine. Navigating to…
ajeh
  • 99
  • 7
1
vote
2 answers

IIS 8.5 Basic authentication not working - internal error 500.19

I have Basic Auth enabled for the specific folder and anonymous disabled. I also have created users, however I get a "The page cannot be displayed because an internal server error has occurred." message on the browser. Here is the log from the…
mirrormirror
  • 11
  • 1
  • 3
1 2 3
17 18