How to make Nginx Directory / Folder Encryption

On our Nginx server, for some reason, we may want to encrypt a directory/folder so that it can only be accessed with our username and password. Since Vesta CP is a free web panel, we will explain this article on how to encrypt a site’s directory on VestaCP on NGINX.

You can perform Nginx directory encryption in all Nginx installed VPS or VDS server packages in this article.

We connect to the SSH of our Linux server and run the following command;

The purpose here is to create the hash of the password that we will use for the directory, we will encrypt. Type and enter a password that you will not forget in the Password: section, as follows, giving you the hash code for that password;

nginx-hash code
nginx-hash code

Now it’s time to create the authorization file with this hash code and username. This is called auth_basic_user_file. You can create this file under any directory, for example, we open an empty file with nano as follows;

And we add the hash code that corresponds to our password with admin username, saves and exit. You can change the admin username here;

admin username
admin username

We’ve completed the provisioning, now it’s time to add the Nginx directory encryption code to our nginx.conf file. The important factor here is that if the nginx.conf file is held separately for each domain, it will find nginx.conf for that domain.

For example, in the VestaCP panel, we can list the nginx settings file for the domains as follows:

With the above command, we will see the nginxfiles of the domains. Here we will do the sample encryption for the domain in the file. We open with Nano;

At the end of the server {section, we add our directory encryption code. For example, we will encrypt part of with the following code. auth_basic_user_file hash file path;

The above example includes standard encryption. Does not include child files. If you want to include it in subfolders, you can enter an nginx rule as follows (This code is compatible with Vesta CP nginx structure);

Then we restart nginx;

When we access our site in the form of  directory protection screen will appear as follows, we can login with our username and password;



I hope it has been a useful article.