Currently, I ran into the following scenario:
I had just set up a docker container on my CentOS for a new website.
The website was still under construction and shouldn’t be public while still being reachable over the web.
Current Setup
At the moment the container was running behind an Apache httpd server that’s acting as a proxy and handling the SSL encryption.
Set up password protecting using htaccess
Due to the site being unfinished, public access should be restricted.
Therefore, I wanted to use a password. This can be accomplished by using a .htaccess-file, witch needs to be referenced in the VirtualHosts-section of the apache config.
<VirtualHost *:443>
ServerName yannick-huber.de
ServerAlias www.yannick-huber.de
#Password protection
<Location />
Deny from all
AuthUserFile /etc/path/to/.htusers
AuthName "Under Construction"
AuthType Basic
Satisfy Any
require valid-user
</Location>
#Proxy settings
ProxyPreserveHost On
ProxyRequests Off
ProxyPass / http://localhost:8000/
ProxyPassReverse / http://localhost:8000/
[...]
</VirtualHost>
After changing your apache2 config, the httpd service should be restarted. This can be done by running the following command:
sudo systemctl restart httpd
Creating .htusers file
If you don’t have a htusers file yet, you can generate it by running the following command:
sudo htpasswd -c .htusers username
You will then be asked which password should be set for the new user. After entering the secure password the htusers file will be created. You can validate if the file was created by running:
ls -a
Verifying the new access restriction
You can validate your new password protection by opening the website in your preferred browser.
If everything works, you see a prompt asking for a username and a password.