How secure is a vanilla install of nginx with .htaccess authentication?

posted 1 year ago

I have installed nginx on an Arch Linux VPS with Vultr. I intend to use it to serve files to myself and two colleagues. I have setup three accounts for us all with login names and passwords via the .htaccess and .htpasswd files. I will also be adding a certificate with let’s encrypt before the server will be used.

The data we will be sharing is commercially sensitive. Is there anything else I need to worry about? Is there anything else I can do to harden the server?

Sort:

Hot Top Controversial New Old

You are viewing a single thread.

View all comments

[ - ]

Spacelord09@alien.topB

1 point

1 year ago

nginx doesnt know .htaccess files. You need to configure this in the nginx config. You can use a .htpasswd with some basic auth to get the job done. But I would use something like nextcloud for your usecase. If you need help with nginx config, just ask 😉

permalink

report

Self-Hosted Main

!main@selfhosted.forum

Create post

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.

For Example

Service: Dropbox - Alternative: Nextcloud
Service: Google Reader - Alternative: Tiny Tiny RSS
Service: Blogger - Alternative: WordPress

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

Awesome-Selfhosted List of Software
Awesome-Sysadmin List of Software

Community stats

14
Monthly active users
1.8K
Posts
11K
Comments

Community moderators

communick@selfhosted.forum