How to remove password Protection on Nginx

Endrit Qerreti

Endrit Qerreti

Password protection in Nginx allows you to password protect your site, so whenever someone visits your site, they won't be able to access it without knowing login credentials.

Disabling or removing password protection on Nginx, is done in cases when you don't want to enter username and password to access your site or a section on your site.

In this tutorial you will learn how to remove .htpasswd file, or disable basic auth for your site.

Step 1 - Open nginx.conf via nano

Open the configuration file where you added the basic_auth parameter

sudo nano /etc/nginx/nginx.conf

note: we are using nano text editor for this tutorial. However, feel free to replace nano with any text editor you want.

Step 2 - Disable HTTP Basic Auth

Now that nginx.conf is opened via nano text editor, you can proceed to disable the HTTP basic authentication on this file.

Disabling HTTP basic Auth is very easy to do, and it can be done via two different methods.

Method 1 (Recommended)

Comment out both parameters auth_basic and auth_basic_user_file on nginx.conf

💡
Note: We recommend to comment out those lines in case you plan to use them later again, so you don't have to re setup both parameters again.

Save changes when done, by pressing CTRL + X.

Method 2

Another way of disabling basic auth on nginx, is by using auth_basic off;.

Next, make sure you don't have any error on the config file by executing the command below.

sudo nginx -t

if no errors were found then proceed to restart nginx.

sudo systemctl restart nginx

Delete login for a single user

The command below will delete the login for a single user, this is helpful when you have multiple logins, and you can't delete the .htpasswd completely, so to avoid this from happening simply delete the login for that user.

sudo htpasswd -D /etc/nginx/.httpasswd username
💡
Note: replace username with your username.

Conclusion

In this tutorial, you learned how to disable password protection on Nginx, and also how to delete the login for a single user on .htpasswd file.