Basic Auth not working?

1. The problem I’m having:

I am running Shell In A Box using a reverse proxy. To make this a little more secure I would like to add basic authentication. The section of my Caddyfile for this looks like so:

domainname.org {
        basicauth /* {
                User $2a$14$qtL.ZzIBdvKaiP4UsbOXOOJl6EiNzNqZw09LXBtkowEa.WKB2Svfm
        }
        reverse_proxy localhost:6175
}

However, this does not appear to do anything and the Shell In A Box page loads with no authentication pop-up

2. Error messages and/or full log output:

*   Trying external.ip.address:443...
* Connected to domainname.org (external.ip.address) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_CHACHA20_POLY1305_SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=domainname.org
*  start date: Dec  4 18:34:01 2023 GMT
*  expire date: Mar  3 18:34:00 2024 GMT
*  subjectAltName: host "domainname.org" matched cert's "domainname.org"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* Using Stream ID: 1 (easy handle 0xaaaac914e970)
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
> GET / HTTP/2
> Host: domainname.org
> user-agent: curl/7.81.0
> accept: */*
> 
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* Connection state changed (MAX_CONCURRENT_STREAMS == 250)!
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
< HTTP/2 200 
< alt-svc: h3=":443"; ma=2592000
< content-type: text/html
< server: Caddy
< date: Fri, 02 Feb 2024 10:04:43 GMT
< 
* TLSv1.2 (IN), TLS header, Supplemental data (23):
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC.......etc.

3. Caddy version:

v2.7.6 h1:w0NymbG2m9PcvKWsrXO6EEkY9Ru4FJK8uQbYcev1p3A=

4. How I installed and ran Caddy:

Installed via apt repository

a. System environment:

Ubuntu 22.04, systemd

Did you reload Caddy after changing your config?

Yes, with caddy adapt in the folder with the Caddyfile

Oh my goodness. I just realised that I needed to do a caddy reload as well.

Working now. Thank you!

1 Like

All adapt does is show you the JSON version of your config. It doesn’t reload.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.