Published on

Nginx Basic Authentication with Source IP Whitelisting


Quick post on how to setup HTTP Basic Authentication and whitelist IP Based Sources to not get prompted for Authentication.

This could be useful for systems interacting with Nginx, so that they don't have to provide authentication.


Install nginx and the package required to create the auth file:

apt install nginx apache2-utils -y

Create the Password file:

htpasswd -c /etc/ngins/secrets admin


Delete the old configuration:

rm -rf /etc/nginx/conf.d/*.conf

Create the site config:

server {
    listen       80;
    server_name  localhost;

    location / {
        satisfy any;
        deny all;

        auth_basic "restricted";
        auth_basic_user_file /etc/nginx/secrets;
        root   /usr/share/nginx/html;
        index  index.html index.htm;

    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;

Reload the Changes:

nginx -s reload


Testing from our Whitelisted location (localhost):

curl -i 
# HTTP/1.1 200 OK

Testing from remote location:

curl -i http://localhost
# HTTP/1.1 401 Unauthorized

curl -i http://admin:password@localhost
# HTTP/1.1 200 OK

Thank You

Thanks for reading, feel free to check out my website, and subscrube to my newsletter or follow me at @ruanbekker on Twitter.