Caddy HTTP Basic Authentication (basicauth)
Last Updated: 07/06/2021
What is HTTP Basic Authentication?
When visiting a website, protected with Basic Auth the browser will prompt the user to enter a username and password before any resourses are loaded.
The client will then send an Authorization header with each request to the website, to maintain authentication.
This authentication must be over an HTTPS Connection to be secure.
More information on Basic Authentication can be found at Mozilla Docs and IBM Knowledge Center.
Setting up with Caddyfile
Generate a hash of your password
Enter this into the terminal to generate a password hash (This uses the bcrypt hashing algorithm by default):
caddy hash-password
Output Example:
JDJhJDE0JElab2ZPM25zdU40bE5SSURlTHd3OHVBeVJvYTlMN3dMOEFMdFVCRzNYS1l5ODl6TlVyQllH
Caddyfile
Below is a template just replace the Username and Hash, then place it in your Caddyfile.
basicauth * {
bob JDJhJDE0JElab2ZPM25zdU40bE5SSURlTHd3OHVBeVJvYTlMN3dMOEFMdFVCRzNYS1l5ODl6TlVyQllH
}
If you want to secure a certain path, the following syntax can be used:
basicauth /homework/* {
bob JDJhJDE0JElab2ZPM25zdU40bE5SSURlTHd3OHVBeVJvYTlMN3dMOEFMdFVCRzNYS1l5ODl6TlVyQllH
}
Reload Caddy
caddy reload
or
sudo systemctl reload caddy
Docs
Caddy Basic Authentication Docs
Caddy hash-password Docs
Cover Image Credit: https://unsplash.com/@markuswinkler
