{"id":3614,"date":"2023-07-06T16:28:01","date_gmt":"2023-07-06T22:28:01","guid":{"rendered":"https:\/\/www.mooreds.com\/wordpress\/?p=3614"},"modified":"2023-07-30T09:39:35","modified_gmt":"2023-07-30T15:39:35","slug":"protecting-a-cdn-source-using-basic-auth","status":"publish","type":"post","link":"https:\/\/www.mooreds.com\/wordpress\/archives\/3614","title":{"rendered":"Protecting a CDN source using basic auth"},"content":{"rendered":"

I have a website that is behind a content delivery network (CDN). I want to protect it from being crawled by any robots. I want all access to go through the CDN for reasons. There may be errant links to the source; I don’t care if they continue to work.<\/p>\n

htaccess<\/code> and basic auth is perfect for this situation.<\/p>\n

I added an .htaccess<\/code> file that looks like this:<\/p>\n

AuthType Basic\r\nAuthName \"Secure Content\"\r\nAuthUserFile \/path\/to\/.htpasswd\r\nrequire valid-user<\/code><\/pre>\n
I needed to make sure the path and the file are readable by the web server user.<\/p>\n
Then, I added a .htpasswd<\/code> entry that looks like this:<\/p>\n
user:passwdvalue<\/code><\/pre>\n
If you don’t have access to htpasswd<\/code>, the typical program used to generate the password value, this site will generate one for you<\/a>.<\/p>\n
Then, I had to configure my CDN to give it the appropriate header.<\/p>\n
Use the Authorization header, and make sure to pass the username and the password. This site will generate the appropriately base64 encoded values<\/a>.<\/p>\n
Voila. Only the CDN has access. <\/p>\n
Now, the flaws:<\/p>\n