Setup Basic Authentication on Ubuntu 18.04/Apache2

This tutorial will setup basic authentication using Apache running on Ubuntu 18.04.

Assumptions:

You have configured Apache2 under Ubuntu 18.04 LTS
Clean install as we are going to erase any and all configurations in /etc/apache2/sites-enabled
Your using the root account or your account has been added to sudo group.
Have vi/vim installed

Note: If your running this as a root account, such as in a docker container, remove all the sudo calls.

Generating a User and Password

From the terminal run the following command:

1

sudo htpasswd -c /etc/apache2/.htpasswd <username_you_want>

When prompted for a password enter one.

Verify from the terminal that .htpasswd was generated at /etc/apache2/.htpasswd, you can do this by navigating to the directory and checking or run the following:

1
2
3
4
5
6
7


if [ -e /etc/apache2/.htpasswd ] 
then 
    echo ".htpasswd was created succesfully"
else 
    echo ".htpasswd missing!"
    echo "Try running `htpasswd -c /etc/apache2 'username_you_want'`"
fi

Configuring Virtual Host

For this tutorial we are going to use the following script to generate our virtual host file that will enable authentication. It is a modified version of the default configuration found in /etc/apache2/sites-enabled.

Note: This script will setup the default apache2 sites-enabled file to use your newly created .htpasswd username/password. This will create a backup of your current sites-enabled folder to /etc/apache2/sites-enabled/sites-backup/ for you to restore if something breaks.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37


#!/bin/bash

#backup any existing confs
sudo mkdir /etc/apache2/sites-enabled/sites-backup/
sudo cp /etc/apache2/sites-enabled/*.conf /etc/apache2/sites-enabled/sites-backup/

#kill apache so we can remove existing sites-enabled *.conf
sudo systemctl stop apache2

#remove any sites-enabled *.conf
sudo rm /etc/apache2/sites-enabled/*.conf

#create our new sites-enabled conf
sudo bash -c " cat > /etc/apache2/sites-enabled/000-default.conf" << EOF
<VirtualHost *:80>
  ServerAdmin admin@localhost
  #the root of site, if your site is installed in folder my-app, change
  #document root to /var/www/html/my-app, etc...
  #for the tutorial just use the defaults provided and modify later
  DocumentRoot /var/www/html
  ErrorLog ${APACHE_LOG_DIR}/error.log
  CustomLog ${APACHE_LOG_DIR}/access.log combined

  <Directory "/var/www/html">
      #enable basic auth
      AuthType Basic
      #message displayed in username/password dialogue when authenticating
      AuthName "Directory Password Protected by admin@localhost"
      #path to the .htpasswd file
      AuthUserFile /etc/apache2/.htpasswd
      #require a valid-user to login
      Require valid-user
  </Directory>
</VirtualHost>
EOF

sudo systemctl restart apache2

Verifying Setup

Verify your installation by visiting http://localhost and verify that you are prompted for a username and password to continue. Check the credentials created in Generating a User and Password work for validating.

Congratulations, you know have a working implementation of basic HTTP authentication using Apache and Ubuntu 18.04.