Password protect with Digest

In this article, we can find out, how to configure digest authentication for httpd 2.4 in CentOS 7.

This setup is not a definitive one, there are other ways to do this based on your needs.

Virtual host setup

In your VirtualHost setup add the following lines:

<Directory /your/path/to/website>
          AuthType Digest
          AuthName "Staging"
          AuthDigestDomain /
          AuthDigestProvider file
          AuthUserFile "/etc/httpd/conf.d/digest_pwd"
          Require valid-user
      </Directory>

As a side note, on the AuthName “Staging” variable, if you want to know more about realms please check on this link RFC

Digest password file

To create the password file, we need a tool called htdigest. One tiny important thing here, is to use the same name from AuthName that is configured in your VirtualHost directive, in this case Staging. This command will create, since we have -c option, a file with a username,realm and an MD5 password. If we want to change the password, we have to use htdigest without -c option.

htdigest -c /etc/httpd/conf.d/digest_pwd Staging username

The password file will lokk like:

username:Staging:5529876863381af78c23118f246f4473

When everything is finished, just reload your server configuration.

Debug

Check the Apache loaded modules.

Since we need mod_auth_basic to be loaded in Apache, we can check this with the following command:

server@root#grep mod_auth_digest /etc/httpd/conf.modules.d/*

And the output should look like this:

/etc/httpd/conf.modules.d/00-base.conf:LoadModule auth_digest_module modules/mod_auth_digest.so