Caddy HTTP Basic Authentication (basicauth)

Self-Hosting Jan 14, 2021

What is HTTP Basic Authentication?

When visiting a website, protected with Basic Auth the browser will prompt the user to enter a username and password before any recourses are loaded.

The client will then send an Authorization header with each request to the website, to maintain authentication.
This authentication must be over an HTTPS Connection to be secure.

More infomation on Basic Autentication can be found at Mozilla Docs and IBM Knowledge Center.

Setting up with Caddyfile

Generate a hash of your password. McAfee Explanation of Password Hash

Enter this into the terminal to generate a password hash:
caddy hash-password --algorithm bcrypt
You will be prompted to enter your password twice.
Output Example:

Below is a template just replace the Username and Hash, then place it in your Caddyfile.

basicauth * {

If you want to secure a certain path, the following syntax can be used:

basicauth /homework/* {

Reload Caddy
caddy reload

Caddy Basic Authentication Docs
Caddy hash-password Docs

Cover Image Credit:


Great! You've successfully subscribed.
Great! Next, complete checkout for full access.
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.