How to remove .htpasswd Protection on Nginx (Ubuntu 18.04)

Endrit Qerreti

Endrit Qerreti

In this tutorial you will learn how to remove .htpasswd file, or disable basic auth for your site, so when you visit your site or section that was password protected you will be able to access it normally without having to put username and password, to do this simply follow the steps below.

Step 1 - Navigate to the Nginx config file

Open the configuration file where you added the basic_auth parameter

sudo nano /etc/nginx/nginx.conf

Step 2 - Disable HTTP Basic Auth

There are two ways to do this

1) By commenting out both parameters auth_basic and auth_basic_user_file

2) By deleting both parameters from location directive

I'd recommend to comment out those lines in case you plan to use them later again, so you don't have to re setup both parameters again.

Next, make sure you don't have any error on the config file by typing the command:

sudo nginx -t

if no errors were found then proceed with nginx restart

sudo systemctl restart nginx

Step 3 - Delete .htpasswd file

To delete the .htpasswd file you can do so by running this command

sudo rm -rf /etc/nginx/.htpasswd

/etc/nginx - is just an example path where .htpasswd is located, make sure you enter the right path

To delete the login only for x user

The command below will delete the login for the user : username, this is helpful when you have multiple logins and you can't delete the .htpasswd completely, so to avoid this from happening simply delete the login for that user.

sudo htpasswd -D /etc/nginx/.httpasswd username


By now you should know how to remove .htpasswd logins  or disable auth basic on Nginx without having to delete the .htpasswd completely.