How to Protect Your Ruby on Rails Staging App with Password

Krzysztof Urban

Jun 1, 2016 • 3 min read

There are situations when you are in need of password protection for staging apps. For example, you need to show something only to your client.

In this quick tutorial, I will show you how to password protect your application in Nginx using htpasswd

Step 1

Generate the htpasswd file. I assume your application is placed in its home folder.

$ htpasswd -c /home/PROJECT_NAME/htpasswd PROJECT_NAME
You will be asked for a password twice.

The file you generated will store the user login (PROJECT_NAME in our case) and a hash of the password, so it's not retrievable.

If you need to reset the password, you can run the command again with the existing file:

$ htpasswd /home/PROJECT_NAME/htpasswd PROJECT_NAME

Note that the -c switch is no longer used.

Step 2

Configure Nginx to use the htpasswd file.

Here's an exemplary Nginx configuration:

server {

  location / {
    auth_basic "Restricted";
    auth_basic_user_file /home/PROJECT_NAME/htpasswd;

  }
}

Step 3

Once you have made changes to the Nginx configuration, you need to reload it. The command you need to run is as follows:

$ sudo /etc/init.d/nginx reload
Once it's done, you should be all set. When you go to the site you just configured, you should get a modal like this one:


Type in the PROJECT_NAME as your username and the password you configured and you will be let in.

Related topics

More posts by this author

Krzysztof Urban

Codestories Newsletter

Read more on our Blog


Check out the knowledge base collected and distilled by experienced professionals.