To establish a secure username and password for accessing your web server, utilize the following code snippet. Additionally, for enhanced security, you can implement geo-authentication to whitelist specific IP addresses, ensuring that only authorized users gain access while keeping unwanted visitors and bots at bay.
sudo sh -c "echo -n 'username:' >> /etc/nginx/.htpasswd"
sudo sh -c "openssl passwd -apr1 >> /etc/nginx/.htpasswd"
cat /etc/nginx/.htpasswd
Edit the nginx config
Here's how you can integrate geo-authentication into your nginx configuration file:
sudo vi /etc/nginx/conf.d/default.conf
# Configure no login for specified IP addresses
geo $authentication {
default "Authentication required";
<IP to whitelist> "off";
}
# Location block for authentication
location / {
try_files $uri $uri/ /index.php?$args;
auth_basic $authentication;
auth_basic_user_file /etc/nginx/.htpasswd;
}
# Verify nginx configuration and restart service if test passes
sudo nginx -t
sudo service nginx restart