How to Set Up Apache htpasswd Authentication in Ubuntu?

Installing htpasswd authentication on Apache in Ubuntu is an excellent approach to fortify the web server with additional protection. We shall see the step-by-step process for that in this tutorial.

Prerequisites

• Apache server installed.
• Command-line basic operations.

Steps to set up Apache htpasswd authentication in Ubuntu

Step 1: Installing Apache Utilities

• Check if the package for Apache utilities is installed. The htpasswd program, which is used to maintain username and password pairs, is included in this package.

sudo apt update
sudo apt install apache2-utils

Step 2: Create a password File

• The credentials will be kept in a password-protected file that we will create. Place it wherever you'd like, although generally speaking, it's located at '/etc/apache2/' We're going to call the file ".htpasswd" for this tutorial.

sudo htpasswd -c /etc/apache2/.htpasswd yourusername

• A new password file will be created using the -c option. You will be required to input and verify your username's password. You can remove the -c argument to add more users.

sudo htpasswd /etc/apache2/.htpasswd anotheruser

Step 3: Configure Apache to Use the Password File

• One need to configure the apache to use this password file. This involves editing of apache configuration file or the specific virtual host file where you want to enable the authentication.
• open the apache configuration file or your sites virtual host file.

sudo nano /etc/apache2/sites-available/000-default.conf

• Within the <VirtualHost> block or a specific <Directory> block, add the following configuration:

<Directory "/var/www/html">
    AuthType Basic
    AuthName "Restricted Content"
    AuthUserFile /etc/apache2/.htpasswd
    Require valid-user
</Directory>

• This configuration tells apache to use the basic authentication and specific '.htpasswd' file to control access to the '/var/www/html' directory.

Step 4: Enable and Restart the Apache

• To apply the changes save and exit the editor.

sudo systemctl restart apache2

Step 5: Test the Authentication

• Open we browser and navigate to server's address like http://localhost:8080. You will prompted to enter username and password. enter your credentials you set up with the htpasswd command.

Troubleshooting

Check the following in case of any issues occurs.

• Ensure the .htpasswd file path is correct and accessible by the Apache process.
• Check the Apache error logs for any relevant error messages:

sudo tail -f /var/log/apache2/error.log

• Verify that the mod_auth_basic module is enabled in Apache. It should be enabled by default, but you can ensure it with the following command:

sudo a2enmod auth_basic

Conclusion

Successfully following steps mentioned in this guide one can easily set the Apache htpasswd authentication in ubuntu. This adds a basic level of security to your web server, requiring users to provide a valid username and password before accessing restricted areas.