To protect your React, GitLab, and WordPress installations with an HTTP password (basic authentication) on the various domains you mentioned, you can use HTTP Basic Authentication. This is often implemented using NGINX or Apache web servers, depending on your setup. Here's how you can achieve it for each of your domains:
For NGINX-based Servers:
1. Install the htpasswd
Utility
You'll need to create an .htpasswd
file, which stores usernames and encrypted passwords.
On Ubuntu or AlmaLinux, install the htpasswd
utility:
sudo apt-get install apache2-utils # For Ubuntu/Debian
sudo yum install httpd-tools # For AlmaLinux/CentOS
2. Create the .htpasswd
File
You can create a username and password for basic auth:
sudo htpasswd -c /etc/nginx/.htpasswd username
You'll be prompted to enter a password for the user. This creates the .htpasswd
file at /etc/nginx/.htpasswd
.
3. Configure NGINX for HTTP Basic Authentication
For each site (React, GitLab, WordPress), you need to modify the relevant NGINX configuration file to include the basic authentication directive.
Edit the NGINX configuration for each domain. For example, for dit-dah.click
:
sudo nano /etc/nginx/sites-available/dit-dah.click
Add the following inside your server block:
server {
listen 80;
server_name dit-dah.click;
# Other server config...
# Enable HTTP Basic Authentication
location / {
auth_basic "Restricted Access";
auth_basic_user_file /etc/nginx/.htpasswd;
# Other location config...
}
}
You would need to do the same for each of your other sites:
- spiffydesign.com (GitLab installation)
- localtransporter.space (React)
- wp-flap-flap.ferociousbutterfly.com (WordPress)
- flap-flap.ferociousbutterfly.com (React)
The same auth_basic
and auth_basic_user_file
lines need to be added to the configuration for each site.
4. Restart NGINX
After modifying the configuration, restart NGINX to apply the changes:
sudo systemctl restart nginx
For Apache-based Servers:
1. Create the .htpasswd
File
Just like with NGINX, you need to create an .htpasswd
file for Apache. Install the htpasswd
tool if you haven't already:
sudo apt-get install apache2-utils # For Ubuntu/Debian
sudo yum install httpd-tools # For AlmaLinux/CentOS
Generate the .htpasswd
file:
sudo htpasswd -c /etc/apache2/.htpasswd username
Enter your password when prompted.
2. Configure Apache for HTTP Basic Authentication
Edit the Apache configuration file for each of your sites. For example, for wp-flap-flap.ferociousbutterfly.com
:
sudo nano /etc/apache2/sites-available/wp-flap-flap.ferociousbutterfly.com.conf
Add the following inside the <VirtualHost>
block:
<VirtualHost *:80>
ServerName wp-flap-flap.ferociousbutterfly.com
# Enable HTTP Basic Authentication
<Location />
AuthType Basic
AuthName "Restricted Access"
AuthUserFile /etc/apache2/.htpasswd
Require valid-user
</Location>
# Other configuration...
</VirtualHost>
You would do the same for each site:
- dit-dah.click (React)
- spiffydesign.com (GitLab installation)
- localtransporter.space (React)
- flap-flap.ferociousbutterfly.com (React)
3. Restart Apache
After modifying the configuration, restart Apache to apply the changes:
sudo systemctl restart apache2
Additional Notes:
- If you have SSL (HTTPS) enabled, make sure you're editing the correct configuration files (typically ending with
-ssl.conf
or similar). - You can create separate
.htpasswd
files for each domain or use the same one if you want to use the same credentials across all sites. - Remember to restrict access only to the paths you need; for example, the GitLab repository access, the entire WordPress admin panel, or specific pages in your React apps.
This approach will give you a basic password protection on each of your installations. Let me know if you need more specific instructions for any of the services or configurations!