Nginx Authentication

		LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Nginx Authentication

Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Welcome to LinuxQuestions.org, a friendly and active Linux Community.

You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!

Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.

Are you new to LinuxQuestions.org? Visit the following links:
Site Howto | Site FAQ | Sitemap | Register Now

If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.

Having a problem logging in? Please visit this page to clear all LQ-related cookies.

Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.

Exclusive for LQ members, get up to 45% off per month. Click here for more info.

Search this Thread

05-15-2019, 08:38 AM	#1
yash1990 LQ Newbie Registered: Apr 2018 Posts: 27 Rep:	Nginx Authentication Hi All, Recently installed ELK on my server. Now I needed to set up an authentication, to access the dashboard link. Upto some level I have succeeded, but not fully. Authentication works if I access the link with hostname or IP : www.test.com or 10.10.10.10. But as soon as I access the same link with port 5601, authentication does not work on it. It just loads the dashboard without authenticating. Example : 10.10.10.10:5601 or www.test.com:5601 Below is the content of nginx.conf file : user nginx; worker_processes auto; error_log /var/log/nginx/error.log; pid /run/nginx.pid; include /usr/share/nginx/modules/.conf; events { worker_connections 1024; } http { log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; include /etc/nginx/mime.types; default_type application/octet-stream; include /etc/nginx/conf.d/.conf; } ======================= Below is the content of authentication file : upstream app { server 10.10.10.10:5601; keepalive 64; } server { listen 80; server_name www.test.com; auth_basic "Restricted Access"; auth_basic_user_file /etc/nginx/htpasswd.users; location / { proxy_pass http://app; } } =========================

05-15-2019, 09:05 AM	#2
sevendogsbsd Senior Member Registered: Sep 2017 Distribution: FreeBSD Posts: 2,252 Rep:	I've never done authentication on nginx but it looks like you have it configured for port 80 only. Do you just need to add another authentication entry for port 5601? Also, not using HTTPS means the username and password are sent in the clear - if this is internal only or in a lab, that's probably fine but if going out over the Internet, I would implement HTTPS.

05-15-2019, 10:27 AM	#3
yash1990 LQ Newbie Registered: Apr 2018 Posts: 27 Original Poster Rep:	I am going to access this application in private network, so SSL is not important. After having configured nginx, I am getting same contents for below links : www.test.com:5601 www.test.com I'm getting authentication pop-up for www.test.com, but not for www.test.com:5601

05-15-2019, 10:30 AM

sevendogsbsd

Senior Member

Registered: Sep 2017

Distribution: FreeBSD

Posts: 2,252

Rep:

Quote:

Originally Posted by yash1990

I am going to access this application in private network, so SSL is not important. After having configured nginx, I am getting same contents for below links :
www.test.com:5601
www.test.com

I'm getting authentication pop-up for www.test.com, but not for www.test.com:5601

Understood, but what I was suggesting was something like this, but I am not sure this is how you do this in nginx as I have not configured authentication in it before:

Code:

server {
listen 5601;
server_name www.test.com;
auth_basic "Restricted Access";
auth_basic_user_file /etc/nginx/htpasswd.users;

05-15-2019, 10:56 AM	#5
yash1990 LQ Newbie Registered: Apr 2018 Posts: 27 Original Poster Rep:	Not working. Below is the error that I get upon nginx service restart May 15 11:53:13 test.com polkitd[5867]: Registered Authentication Agent for unix-process:11576:89549281 (system bus name :1.570 [/usr/bin/pkttyagent --notify-fd 5 May 15 11:53:13 test.com systemd[1]: Starting nginx - high performance web server... -- Subject: Unit nginx.service has begun start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman.../systemd-devel -- -- Unit nginx.service has begun starting up. May 15 11:53:13 test.com nginx[11582]: nginx: [emerg] bind() to 0.0.0.0:5601 failed (98: Address already in use) May 15 11:53:14 test.com nginx[11582]: nginx: [emerg] bind() to 0.0.0.0:5601 failed (98: Address already in use) May 15 11:53:14 test.com nginx[11582]: nginx: [emerg] bind() to 0.0.0.0:5601 failed (98: Address already in use) May 15 11:53:15 test.com nginx[11582]: nginx: [emerg] bind() to 0.0.0.0:5601 failed (98: Address already in use) May 15 11:53:15 test.com nginx[11582]: nginx: [emerg] bind() to 0.0.0.0:5601 failed (98: Address already in use) May 15 11:53:16 test.com nginx[11582]: nginx: [emerg] still could not bind() May 15 11:53:16 test.com systemd[1]: nginx.service: control process exited, code=exited status=1 May 15 11:53:16 test.com systemd[1]: Failed to start nginx - high performance web server. -- Subject: Unit nginx.service has failed -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman.../systemd-devel -- -- Unit nginx.service has failed. -- -- The result is failed. May 15 11:53:16 test.com systemd[1]: Unit nginx.service entered failed state. May 15 11:53:16 test.com systemd[1]: nginx.service failed. May 15 11:53:16 test.com polkitd[5867]: Unregistered Authentication Agent for unix-process:11576:89549281 (system bus name :1.570, object path /org/freedesktop/Po

05-15-2019, 11:00 AM	#6
sevendogsbsd Senior Member Registered: Sep 2017 Distribution: FreeBSD Posts: 2,252 Rep:	So where is the entry for port 5601 configured? If the dashboard is available on 5601, all I am saying is you need to configure that port for authentication.

05-15-2019, 12:29 PM	#7
yash1990 LQ Newbie Registered: Apr 2018 Posts: 27 Original Poster Rep:	You can find entry of 5601 in config file: upstream app { server 10.10.10.10:5601; keepalive 64; } server { listen 80; server_name www.test.com; auth_basic "Restricted Access"; auth_basic_user_file /etc/nginx/htpasswd.users; location / { proxy_pass http://app; } }

05-15-2019, 12:42 PM	#8
sevendogsbsd Senior Member Registered: Sep 2017 Distribution: FreeBSD Posts: 2,252 Rep:	Quick search resulted in this, might be helpful: https://stackoverflow.com/questions/...tion-in-kibana

05-17-2019, 06:14 AM	#9
tyler2016 Member Registered: Sep 2018 Distribution: Debian, CentOS, FreeBSD Posts: 243 Rep:	I'm taking a shot in the dark here since I use HAProxy for my front ending needs. What happens when you replace: Code: location / { proxy_pass http://app; } with: Code: location / { proxy_pass http://app; auth_basic "Restricted Access"; auth_basic_user_file /etc/nginx/htpasswd.users; }

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts BB code is On Smilies are On [IMG] code is Off HTML code is Off Forum Rules

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
nginx/1.4.1 '/etc/nginx/sites-available/default' missing	Jalalabee	Linux - Newbie	0	06-05-2013 07:44 AM
nginx + php-fpm and nginx modules	fantasygoat	Linux - Server	0	06-09-2011 12:21 PM
LXer: Nginx+Varnish compared to Nginx	LXer	Syndicated Linux News	0	04-27-2011 02:30 PM
Nginx experts help me-problem when using Nginx php-fpm !!!	HuMan-BiEnG	Linux - Server	2	04-17-2011 02:30 PM
NGINX with PHP-FPM vis NGINX with Spawn-FCGI	WhisperiN	Linux - Server	1	03-15-2011 06:39 PM

All times are GMT -5. The time now is 10:59 PM.

Main Menu

(Con't)

My LQ

Write for LQ

LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.

Main Menu

Syndicate

Latest Threads

LQ News

Twitter: @linuxquestions