How to use authentication with Lighttpd (htpasswd)

In this example, we will set up basic authentication for Lighttpd. Let’s imagine, for the purpose of this tutorial, that you want to secure a directory where you store some sort of reports. Those will be served on reports.example.com. By default, they will be accessible to anyone, and we don’t want that.

Configs are done on a Debian-based system. For RedHat-based users, your mileage might vary a bit.

Minimal vhost example

$HTTP["host"] == "reports.example.com" {
    server.document-root                = "/var/www/reports.example.com"
    accesslog.filename                  = "/var/log/lighttpd/reports.example.com.access.log"
    server.errorlog                     = "/var/log/lighttpd/reports.example.com.error.log"
}

That will be the starting base of our example.

We need to instruct lighttpd to load its authentication module by editing /etc/lighttpd/lighttpd.conf and adding mod_auth to the server.modules section.

Next, we need a password file. To create it, we will need to install the package apache2-utils (using apt-get), which provides the htpasswd command. Lighttpd doesn’t have an equivalent tool, but since we’ll use that authentication mechanism, we still need it.

root@server:~# htpasswd -c /etc/lighttpd/htpasswd jsmith
New password:
Re-type new password:
Adding password for user jsmith

NOTE: Never put your password file under your document root!

Our vhost will now look like this:

$HTTP["host"] == "reports.example.com" {
    server.document-root                = "/var/www/reports.example.com"
    accesslog.filename                  = "/var/log/lighttpd/reports.example.com.access.log"
    server.errorlog                     = "/var/log/lighttpd/reports.example.com.error.log"
    # Authentication config
    auth.debug                          = 2    # verbose auth logging, useful while testing
    auth.backend                        = "htpasswd"
    auth.backend.htpasswd.userfile      = "/etc/lighttpd/htpasswd"
    # Require basic authentication for every URL under "/"; only jsmith is allowed
    auth.require = ( "/" => (
        "method"  => "basic",
        "realm"   => "Restricted access",
        "require" => "user=jsmith"
    ) )
}

At this point, all that’s left to do is to restart lighttpd. The next time you access http://reports.example.com, you will be prompted for credentials.
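The note above about keeping the password file out of the document root can be checked mechanically. The script below is an added example, not part of the original tutorial: check_htpasswd and make_fixture are hypothetical helper names, the hashes in the fixture are constructed, and the checks go a little beyond the note by also looking at file permissions and at the hash scheme of each entry.

```sh
#!/bin/sh
# Added example, not from the original tutorial.
# check_htpasswd USERFILE DOCROOT: prints findings, returns 0 only when nothing is flagged.
check_htpasswd() {
    userfile=$1; docroot=$2; rc=0
    [ -f "$userfile" ] || { echo "FAIL: $userfile not found"; return 2; }
    # Resolve symlinks first, so a link cannot hide where the file really lives.
    real_file=$(readlink -f "$userfile"); real_root=$(readlink -f "$docroot")
    case "$real_file" in
        "$real_root"/*) echo "FAIL: password file is under the document root"; rc=1 ;;
    esac
    # Character 8 of the ls mode string is the read bit for "other".
    case "$(ls -ldL "$userfile")" in
        ???????r*) echo "FAIL: password file is world-readable"; rc=1 ;;
    esac
    # One "user:hash" entry per line; classify each hash by its prefix.
    while IFS=: read -r user hash rest || [ -n "$user" ]; do
        case "$user" in ''|'#'*) continue ;; esac
        case "$hash" in
            '$apr1$'*|'$2y$'*|'$5$'*|'$6$'*) ;;   # salted schemes, nothing to report
            '{SHA}'*) echo "WARN: $user: unsalted SHA-1 (htpasswd -s)"; rc=1 ;;
            *)  kind="unrecognised or plaintext field"
                [ "${#hash}" -eq 13 ] && kind="traditional crypt (htpasswd -d)"
                echo "WARN: $user: $kind"; rc=1 ;;
        esac
    done < "$userfile"
    return $rc
}

# Constructed fixture (made-up hashes, temporary paths): one password file wrongly
# placed inside the docroot, one kept outside it with tighter permissions.
make_fixture() {
    d=$(mktemp -d) && mkdir "$d/www" "$d/etc" || return 1
    printf '%s\n' 'jsmith:$apr1$Constrct$NotARealHashValue00000' \
                  'legacy:{SHA}NotARealHashValue0000000000=' \
                  'old:abCDefGHijKLm' > "$d/www/htpasswd"
    printf '%s\n' 'jsmith:$apr1$Constrct$NotARealHashValue00000' > "$d/etc/htpasswd"
    chmod 644 "$d/www/htpasswd"; chmod 640 "$d/etc/htpasswd"
    echo "$d"
}

# Run as a script: sh audit.sh /etc/lighttpd/htpasswd /var/www/reports.example.com
if [ $# -eq 2 ]; then check_htpasswd "$1" "$2"; fi
```

A file created by htpasswd -c under a umask of 022 ends up with mode 644 and is reported as world-readable. Restricting it to root and the account lighttpd runs as (www-data on Debian, assumed here) with mode 640 clears that finding.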

  • Last modified: 2019/02/11 09:13