How to set up password authentication with apache on Ubuntu 20.04

Goal: Restrict content access through username and password entry.

1: Apache Utilities Package

First, update your server’s package index:

sudo apt update

Check if the utilities package exists in your environment by executing the command

dpkg --get-selections | grep apache

Response:

apache2-utils					install
libapache-pom-java				install

So it exists.  But what do you do if it doesn't exist?

How come I need to install apache-utils?  To restrict access you will be using a utility called htpasswd, which is part of the apache2-utils package.  To install execute the command:

sudo apt install apache2-utils

With this installed, you now have access to the htpasswd command.

2 Create the Password File

Now you can create a password file using the htpasswd.  Create a hidden file for this purpose called .htpasswd within your /etc/apache2 configuration directory.

For the initial use of this tool, you need to add the -c option to create the .htpasswd file.  In doing so, enter a username replacing {username} with your own:

sudo htpasswd -c /etc/apache2/.htpasswd {username}

You will be prompted to enter and re-type a password for the user, as follows:

New password:
Re-type new password:

Remember when you create more user's to leave out the -c argument so you don’t overwrite the file:

sudo htpasswd /etc/apache2/.htpasswd {next_user}

You can check the .htpasswd file contents to confirm its contents by using the command:

cat /etc/apache2/.htpasswd

The response will show the usernames and passwords.  However, the passwords are encrypted.

3 Configuring Apache password authentication

Begin by editing the Apache configuration and add password protection to the virtual host file.  Generally this option delivers better performance as it avoids the expense of reading distributed configuration files.

Look into the virtual host file that you wish to add an access restriction.  Such as /etc/apache2/sites-available/your_domain.conf file that holds the virtual host.  I didn't have a /etc/apache2/sites-available directory.  However, following a find command, I found site-available directory in the nginx directory.

sudo find / -name sites-available -type d

Response

/etc/nginx/sites-available

Flag here is the only directory is in the Nginx directory.  So go no further and change over the Nginx instructions.  However, if you response was /etc/apaches/site-available then continue reading.  In this directory I had two files:

ckan
default

Open up the file with a command-line text editor such as nano:

sudo nano default.conf

Added the following content

<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    ServerName CKAN
    ServerAlias {url}
    DocumentRoot {path/to/directory}
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    <Directory "{path/to/directory}">
      AuthType Basic
      AuthName "Restricted Content"
      AuthUserFile /etc/apache2/.htpasswd
      Require valid-user
    </Directory>
</VirtualHost>

sudo nano /etc/apache2/apache2.conf

Edit the file as follows

<Directory {path/to/your/installation}>
  Options Indexes FollowSymLinks
  AllowOverride All
  Require all granted
</Directory>

Replace {path/to/your/installation} with your path to CKAN installation.