0
0
Nginxdevops~20 mins

Basic authentication in Nginx - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Basic Authentication Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
💻 Command Output
intermediate
2:00remaining
What is the output of this command to create a password file?
You run the command htpasswd -c /etc/nginx/.htpasswd user1 and enter the password pass123. What will be the content format of the file /etc/nginx/.htpasswd?
Nginx
htpasswd -c /etc/nginx/.htpasswd user1
AA file with the username and an encrypted password hash, e.g., user1:$apr1$randomhash
BA JSON file containing username and password fields
CA plain text file with the username and password separated by a colon, e.g., user1:pass123
DAn XML file with user credentials inside tags
Attempts:
2 left
💡 Hint
The password is not stored in plain text but hashed for security.
Configuration
intermediate
2:00remaining
Which nginx configuration snippet correctly enables basic authentication for /admin path?
You want to protect the /admin URL path with basic authentication using the password file at /etc/nginx/.htpasswd. Which configuration snippet will work?
A
location /admin {
  auth_basic "Restricted Area";
  auth_basic_user_file /etc/nginx/.htpasswd;
  allow all;
}
B
location /admin {
  auth_basic "Restricted Area";
  auth_basic_user_file /etc/nginx/passwd;
}
C
location /admin {
  auth_basic "Restricted Area";
  auth_basic_user_file /etc/nginx/.htpasswd;
}
D
location /admin {
  auth_basic_user_file /etc/nginx/.htpasswd;
  auth_basic off;
}
Attempts:
2 left
💡 Hint
Check that auth_basic is enabled and the correct file path is used.
Troubleshoot
advanced
2:00remaining
Why does nginx ignore basic authentication despite correct config?
You configured nginx with basic authentication for /secure path, but users can access it without a password prompt. What is the most likely cause?
AThe auth_basic directive is inside a location block but the location is overridden by another location without auth_basic.
BThe password file /etc/nginx/.htpasswd is empty.
CThe nginx service was restarted after configuration changes.
DThe client browser does not support basic authentication.
Attempts:
2 left
💡 Hint
Check if another location block matches the request without authentication.
🔀 Workflow
advanced
2:00remaining
What is the correct workflow to enable basic authentication on nginx?
Arrange the steps in the correct order to enable basic authentication on nginx for a website.
A2,1,3,4
B1,2,3,4
C1,3,2,4
D2,3,1,4
Attempts:
2 left
💡 Hint
Think about creating credentials before telling nginx to use them.
Best Practice
expert
2:00remaining
Which practice improves security when using basic authentication with nginx?
Basic authentication sends credentials encoded but not encrypted. Which practice best improves security when using it?
ADisable logging in nginx to avoid recording authentication attempts.
BUse longer usernames and passwords in the htpasswd file.
CStore the password file in the web root directory for easy access.
DUse HTTPS (TLS) to encrypt the connection so credentials are protected in transit.
Attempts:
2 left
💡 Hint
Think about protecting data sent over the network.