• Skip to content
  • Skip to primary sidebar
  • Skip to footer

Webinoly

Optimized WebServer

  • Installation
    • Quick setup
    • Documentation
      • Httpauth
      • Log
      • Site
      • Stack
      • Webinoly
    • API Reference
    • Changelog
  • Contribute
  • Support
    • Support forum
    • Github
    • FAQs
  • Español
Home » Documentation » HttpAuth

HTTP Authentication

The “HttpAuth” command allows us to manage users with permission to access pages protected by the HTTP authentication method, in addition to controlling the activation of this additional security layer in the tools access pages such as PhpMyAdmin and wp-admin or wp-login. Basically it is to protect some sections of your site requesting a user and password to be able to access its content.

If you want to know a little more about this method of authentication, I recommend you read the Wikipedia article about Basic Access Authentication.

Syntax:

sudo httpauth <option>

Options:

  • -add
  • -delete
  • -list
  • -wp-admin
  • -whitelist

Example:

sudo httpauth -add
sudo httpauth -wp-admin=off

Create user

To create a user and password for access to sections protected with HTTP Authentication, use this command.

sudo httpauth -add
# Tip - For unattended scripts.
sudo httpauth -add=[user,password]

Delete user

To delete a user use the following command.

sudo httpauth -delete
# Tip - For unattended scripts.
sudo httpauth -delete=user

List of users

Displays a list of all users created with access to HTTP Authentication.

sudo httpauth -list

Enable Authentication in WordPress Login

By default in the initial installation this security layer is activated, if for some reason you have disabled it and want to reactivate it, use the following command.

sudo httpauth -wp-admin=on

The reason for having this double authentication for access to the management sections of WordPress, although we know that HTTP Authentication is not the most reliable method of security, it is due to the large number of automated attacks that receive this type of pages and also very simple to implement and use by end users.

If you have a WordPress site that already has some time online and check your access logs in the server, I am sure you will find a considerable number of failed attempts to access this section. Because they are automated “bots” they randomly crawl almost the entire web, when they encounter this extra layer of security they lose interest and continue on their way.

It is worth mentioning that this type of security will not protect you from more sophisticated attacks or someone with a genuine interest and knowledge to perform this type of malicious attacks. Security is a very serious issue and if you consider that your server and website store sensitive data or information, it is advisable to go with a security expert.

Disable Authentication in WordPress Login

We know that sometimes this extra layer of security can be annoying for some users, if you need to disable the HTTP Authentication in WordPress login pages, you can use the following command.

sudo httpauth -wp-admin=off

Remember that you can always re-enable this function.

Whitelist IP

To add an IP to the secure list and don’t be asked for your credentials everytime HTTP Authentication is required.

sudo httpauth -whitelist

Or you can also pass the IP directly: sudo httpauth -whitelist=10.126.196.2

If you want to remove a previously added IP.

sudo httpauth -whitelist-remove

Any doubts about the use of Webinoly do not hesitate to consult or ask through the support forum.

 

Primary Sidebar

Support Forum

Visit our Community and Support Forum.

Consult any doubts about the use of Webinoly and your web server. We or someone in the community will always try to answer your questions as soon as possible.

Likewise, we welcome your suggestions and comments.

Documentation

  • API Reference
  • Installation
  • Documentation
    • Create and manage your website
    • HTTP Authentication
    • Packages installed
    • Real time Logs
    • Webinoly Settings
  • Frecuently Asqued Questions

News

Feb 10th/2019 - Webinoly v1.7.2 is out now with important improvements. Update now!

Dec 28th/2018 - Webinoly v1.7.1 is out now with some minor fixes. Update now!

Dec 20th/2018 - Webinoly v1.7.0 is out now including some awesome new features. Update now!

Nov 2th/2018 - Webinoly v1.6.2 is out now with some improvements and fixes. Update now!

Oct 31th/2018 - Webinoly v1.6.1 is out now with some improvements and fixes. Update now!

Sep 3th/2018 - Webinoly v1.6.0 has been released with awesome new features and improvements. Update now!

Aug 1th/2018 - Webinoly API has been realeased, the easiest way to integrate Webinoly in your projects.

Jul 9th/2018 - Webinoly v1.5.1 has been released with some improvements and fixes. Update now!

Jun 27th/2018 - Webinoly v1.5.0 has been released with awesome new features and improvements. Update now!

Footer

Documentation

Your Optimized LEMP WebServer in just one step. Please, read the installation and quick setup guide and in less than 5 minutes your server will be ready.

List of Commands:

HttpAuth · Log · Site · Stack · Webinoly

Paypal Donations - Buy me a beer

Your regular donations is what keep this project moving forward. If you like Webinoly, buy me a coffee or a beer to show support.

Bitcoin Donations

Contact

  • Facebook
  • GitHub
  • Twitter

If you have a question about Webinoly, please use our Support Forum.

Likewise, we welcome your suggestions and comments.

© Copyright 2017-2019 by QROkes
Powered by: WordPress · Genesis Framework · Webinoly
Terms of Use | Privacy Policy | Legal warning