securing website in ngnix using BASIC auth

Question

Hi I am trying to secure a website hosted on NGNIX. My problem is I am not able to see the authentication credentials dialog box when I access localhost.

Here is the ngnix.conf

user  nginx;
worker_processes  auto;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
    server {
        auth_basic          "Admin area";
        auth_basic_user_file /etc/apache2/.htpasswd;
    }
}

The site is hosted at localhost in a docker container. Here is the .dockerfile.

FROM nginx:alpine
RUN apk update
RUN apk add apache2-utils
WORKDIR /etc/apache2/
RUN htpasswd -c -B -b /etc/apache2/.htpasswd user1 password
## Remove default nginx index page
RUN rm -rf /usr/share/nginx/html/*

# copy the package.json to install dependencies
ADD root /usr/share/nginx/html/
ADD ngnix.conf /etc/nginx

EXPOSE 4200 80

ENTRYPOINT ["nginx", "-g", "daemon off;"]

Answer 1

The problem is that there is another server config in /etc/nginx/conf.d/ and you include it with include /etc/nginx/conf.d/*.conf;. Put your basic auth in /etc/nginx/conf.d/default.conf or delete that file.

Also your server block is missing a listen directive, like listen 80;. Check the mentioned /etc/nginx/conf.d/default.conf for basic server example.