Matt Stauffer
Newsletter Podcasts Talks Articles Book
Jun 17, 2014 | forge, htpasswd, nginx

Laravel Forge - Password Protect a Folder

Series

This is a series of posts on Laravel Forge.

!
Warning: This post is over a year old. I don't always update old posts with new information, so some of this information may be out of date.

Now that the initial hubbub of trying out new Laravel apps in Forge is over, we've started to put more non-Laravel sites on Forge as well.

Today I needed to get an old CodeIgniter site online somewhere, password-protected, to train someone on. So, I spun up a new site on one of my Forge servers, uploaded the code, ran the migrations, and was ready to go--until I realized I didn't know how to password protect a folder in Nginx.

Thankfully, it's almost easier than it is in Apache.

Generate htpasswd file

Just like when you're password protecting a folder in Apache, you'll need to generate a htpasswd file. You can create the htpasswd file locally or use DynamicDrive's web-based htpasswd generator. Either way, you should end up with a small text file that convention suggests you name .htpasswd.

Upload this file to your remote server. I like to put it in the web root for my site and then git ignore it (and, of course, if you're serving the site from the web root you'll want to move it above that level). So my file will live in /home/forge/my-site-name-here/.htpasswd.

Point Nginx config to htpasswd

Now log into Forge. Edit the site you want to password protect. Click the edit icon in the lower right hand corner of the site edit panel, and a box to edit your Nginx config file will pop up.

Forge Site Edit Icon

If you want to password protect the entire site, just append a few lines to the end of the location / block, taking it from this:

location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

to this:

location / {
        try_files $uri $uri/ /index.php?$query_string;

        auth_basic            "Restricted Area";
        auth_basic_user_file  /home/forge/my-site-name-here/.htpasswd;
    }

If you want to just password protect a particular folder, create a new location {} block and place the auth instructions there. Learn more about location blocks at the Nginx docs.

Now save the Nginx config in Forge. Forge will auto-apply the config, so you won't need to restart Nginx manually.

That's it

Next time you visit this site, you'll see the (probably) familiar HTTP authentication popup. All done!

Forge Password Prompt

Comments? I'm @stauffermatt on Twitter

Tags: forge  •  htpasswd  •  nginx

This is part of a series of posts on Laravel Forge:

  2. Laravel Forge - Logging With Papertrail
    May 16, 2014 | forge, laravel, papertrail
  4. Laravel Forge - Adding a Queue Worker with Beanstalkd
    May 23, 2014 | laravel, forge, queue, beanstalkd
  5. Laravel Forge - Scheduling a Cron Job
    Jun 2, 2014 | laravel, forge, cron
  6. Laravel Forge - Adding an SSL Cert
    Jun 2, 2014 | forge, laravel, ssl
  7. Laravel Forge - Password Protect a Folder
    Jun 17, 2014 | forge, htpasswd, nginx
  8. Laravel Forge - Wildcard Subdomains
    Jun 23, 2014 | laravel, forge, subdomains
  9. Laravel Forge - Using Recipes
    Jul 9, 2014 | forge, laravel, recipes
  10. Laravel Forge - Hosting on AWS
    Jul 25, 2014 | laravel, forge, aws, hosting
  11. Laravel Forge - Forge Plus and Circles
    Sep 17, 2014 | laravel, forge
  14. Starting a blog with Sculpin on Laravel Forge
    Dec 24, 2014 | forge, sculpin, fiveMinuteGeekShow

Subscribe

For quick links to fresh content, and for more thoughts that don't make it to the blog.