Posts

Setting Up Basic Authentication with Apache



Used Software


virtualbox version 6.1

vagrant version 2.2.19

vagrant box: centos/7

apache version 2.4.6



What is Basic Authentication?


In the context of an HTTP transaction, basic access authentication is a method for an HTTP user agent (e.g. a web browser) to provide a user name and password when making a request. In basic HTTP authentication, a request contains a header field in the form of Authorization: Basic <credentials>, where credentials is the Base64 encoding of ID and password joined by a single colon :.

Wikipedia: https://en.wikipedia.org/wiki/Basic_access_authentication




How to Set Up a virtualhost in Apache and Apply Basic Authentication

In this case, the goal is to apply basic authentication to a public screen configured with a VirtualHost installed in vagrant.


Change the Vagrantfile settings and log in to vagrant

Edit the vagrantfile to enable internet access in the local environment.

An example Vagrantfile has the following settings.

# -*- mode: ruby -*-
# vi: set ft=ruby :
 
# All Vagrant configuration is done below. The "2" in Vagrant.configure
# configures the configuration version (we support older styles for
# backwards compatibility). Please don't change it unless you know what
# you're doing.
Vagrant.configure("2") do |config|
 
  # Every Vagrant development environment requires a box. You can search for
  # boxes at https://vagrantcloud.com/search.
  config.vm.box = "centos/7"
 
  # Create a forwarded port mapping which allows access to a specific port
  # within the machine from a port on the host machine. In the example below,
  # accessing "localhost:8080" will access port 80 on the guest machine.
  # NOTE: This will enable public access to the opened port
   config.vm.network "forwarded_port", guest: 80, host: 8080
 
  # Create a private network, which allows host-only access to the machine
  # using a specific IP.
   config.vm.network "private_network", ip: "192.168.43.20"
 
end

In the above file, It is a must that the line about the connection is like below.

config.vm.network "private_network", ip: "192.168.43.20"

After you edit the file, use the commands below to complete the connection.

vagrant up
vagrant ssh

Install apache and check the test page

Install apache with the command.

sudo yum install httpd

Then check the status.

systemctl status httpd

You will get the result "inactive(dead)" since apache is not started yet.

● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
Active: inactive (dead)
Docs: man:httpd(8)
man:apachectl(8)

So let's start it.

sudo systemctl start httpd

If you check its status after that, you will get the result below.

systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
Active: active (running) since Fri 2022-08-12 05:55:17 UTC; 4s ago
Docs: man:httpd(8)
man:apachectl(8)
Main PID: 2443 (httpd)
Status: "Processing requests..."
CGroup: /system.slice/httpd.service
tq2443 /usr/sbin/httpd -DFOREGROUND
tq2444 /usr/sbin/httpd -DFOREGROUND
tq2445 /usr/sbin/httpd -DFOREGROUND
tq2446 /usr/sbin/httpd -DFOREGROUND
tq2447 /usr/sbin/httpd -DFOREGROUND
mq2448 /usr/sbin/httpd -DFOREGROUND

Then check if the apache test page is properly displayed.


Check http://localhost:8080 in your browser and if the apache test screen appears, you are good to go.


Set up a virtualhost

The first step is to create a document root for Virtualhost.

mkdir -p /var/www/vhosts/example.com/public_html

Once the document root is created, move it to public_html.

cd /var/www/vhosts/example.com/public_html

Create files to display under public_html

vi index.html

The content can be described arbitrarily. In this case, it is for a test for Virtualhost, so the wording would be as follows.

This is a test for the basic document

After writing in the page as above, save and close the page with :wq.


Next, create a virualhost conf file. To read the conf file, it must be placed under /etc/httpd/conf.d, so move to a file under conf.

cd /etc/httpd/conf.d/

Once in the conf directory, create a conf for Virtualhost.

vi vhost.conf

Write ServerName and DocumentRoot in vhost.conf.

<VirtualHost *:80>
ServerName example.com
DocumentRoot /var/www/vhosts/example.com/public_html
</VirtualHost>

Restart apache to reflect the configuration.

systemctl restart httpd

Edit the hosts file, as it needs to be configured locally in windows to reflect the settings. the location of the hosts file is in the following directory.

C:\Windows\System32\drivers\etc\hosts

Enter this path in explorer, open the host file in notepad with administrator rights and add the following description.

192.168.43.20 example.com

Then save it.


If the configuration is successful, the site described in index.html will be displayed when you type http://example.com in your browser.

Next, configure basic authentication on the VirtualHost you have set up.



Set up basic authentication

/var/www/vhosts/example.com/public_html

Set up basic authentication so that it is only applied to sites in the path of the site where basic authentication will be applied this time.

sudo htpasswd -c /var/www/vhosts/example.com/.htpasswd {username}

The user name and password can be set arbitrarily. Type the above command and set the password. Then type the cat command to check that the user and password have been set.

cat /var/www/vhosts/example.com/.htpasswd

Ensure that the output result shows the username and hashed password.

vagrant:$apr1$5XrvFjtv$45oq4gzLiu708WtVYuOtq0

Now it is time to configure the settings so that basic authentication is performed. This time .htaccess is used to perform basic authentication.


Create .htaccess files under the document root.

sudo vi /var/www/vhosts/example.com/public_html/.htaccess

Then, set up the setting where basic authentication is applied in the .htaccess.

AuthType Basic
AuthName basic auth test
AuthUserFile /var/www/vhosts/example.com/.htpasswd
require valid-user

apache is not configured by default to allow .htaccess settings, so you need to configure it to allow them.

Specifically, the settings are added to vhost.conf so that basic authentication can be set for /var/www/vhosts/example.com/public_html. The content to be added is the following description.

<VirtualHost *:80>
  ServerName example.com
  DocumentRoot /var/www/vhosts/example.com/public_html
  <Directory /var/www/vhosts/example.com/public_html>
    AllowOverride AuthConfig
  </Directory>
</VirtualHost>

First, <Directory /var/www/vhosts/example.com/public_html></Directory> is written to determine which directory the settings should be reflected in. Basic authentication is reflected by setting AllowOverride to AuthConfig. Once these changes have been added, reboot the system to reflect the settings.

sudo systemctl restart httpd

Access http://example.com again and check the state.


If basic authentication is displayed, this means that the settings have been correctly reflected. Enter the username and password you have set and check that the index.html is displayed properly.








This blog post is translated from a blog post written on our Japanese website.