Htpasswd for the landing page

I have set the htpasswd for an nginx server to include landing page authentication for the domain connected to Jitsi server. However, the authentication is not working. Any suggestion on what change in code is required?

Current Code:
location / {
auth_basic “Restricted Content”;
auth_basic_user_file /path/to/the/folder/.htpasswd;
#return 301 $scheme://host$request_uri;
}

after htpasswd was generated and added to the path to the folder directory.

It needs to show something like this, https://comedaddymummy.com, which is on an apache server. However, I don’t see for the domain, https://aioexplorer.com, on the nginx server. Any suggestions?

Nothing special to configure, the above code should work.
Check for typos, check whether the nginx user (www-data if it’s deb system) can see this file and most importantly check what are the errors in /var/log/nginx/error.log, it should be self-explanatory there.

Thanks, Yasen.

There is no error to my knowledge.

location / {

   #return 301 https://$server_name$request_uri;
   #return 301 $scheme://domainname$request_uri;
   deny all;
   auth_basic "Restricted Content";
   auth_basic_user_file /etc/nginx/.htpasswd;
   #return 301 $scheme://domainname$request_uri;   

}

I had the htpasswd, both under /etc/nginx and /usr/share/jitsi-meet. Neither one worked.

Output from Nginx -t:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

/var/log/nginx/error.log:
2020/08/17 00:54:21 [notice] 10638#10638: signal process started

Any Jitsi admin, who could shed some light on the feasibility of this one? It would be great for the community.

I checked the following code live and it’s working:

location / {
    auth_basic "Restricted Content";
    auth_basic_user_file /etc/nginx/.htpasswd;
}

Right now it’s on https://demo.lindeas.com/ (test:123) and as you see it works.
You have some issue with Nginx, not with Jitsi. Check the logs - check the nginx access log.
What does it mean it’s not working - what happens, give us a feedback.

1 Like

Yasen: I confirmed yours and it is working. Thanks for testing it and sharing. Would the location of this section in the .conf file make a difference? What is the permission requirement for htpasswd?

=============================================================
server {

listen 80;
listen [::]:80;

server_name servername1 servername2;
#server_name chillin.aioexplorer.com;   

location / {

   #deny all;
   auth_basic "Restricted Content";
   #auth_basic_user_file /usr/share/jitsi-meet/.htpasswd;
   auth_basic_user_file /etc/nginx/.htpasswd;
   #return 301 https://$host$request_uri;   

}

location ~ /\. { deny  all; }

===========================================================

Here is the log output from the previous day.
2020/08/17 00:54:21 [notice] 10638#10638: signal process started
2020/08/17 21:05:25 [notice] 2848#2848: signal process started
2020/08/17 21:11:52 [notice] 2907#2907: signal process started
2020/08/17 21:19:12 [notice] 2969#2969: signal process started
2020/08/17 21:20:39 [notice] 2994#2994: signal process started
2020/08/17 21:26:09 [notice] 3043#3043: signal process started
2020/08/17 21:30:11 [notice] 3081#3081: signal process started
2020/08/17 21:33:55 [notice] 3118#3118: signal process started
2020/08/17 21:45:54 [notice] 3207#3207: signal process started
2020/08/17 22:12:23 [notice] 3386#3386: signal process started
2020/08/17 22:47:33 [notice] 3624#3624: signal process started
2020/08/17 22:49:04 [notice] 3647#3647: signal process started
2020/08/17 23:37:33 [notice] 3986#3986: signal process started

I don’t see any error from my end.

Like I said nothing special, just follow the Nginx docs. The password file should be readable by the process that runs the webserver. In Debian the parent process, the main nginx process is owned by root, so this is not an issue.

Yes, I referred to this reference as well to set this up in the first place. Thanks for sharing, though.

As mentioned, these urls of ours https://cv.val-u-pro.com, https://comedaddymummy.com and https://beep.comedaddymummy.com all have htpasswd and are working fine, though on an apache server.

By the way, if I were to have a reverse proxy, then how would I set up a htpasswd on an nginx server?

For details on the conf file set up, if time permits, please also check this one that was shared over at Letsencrypt.

Yasen: Thanks for engaging in this discussion. Finally, got the htpasswd going. The code was the same. However, the location of the code had to be changed, which did the trick.