Basic Auth not working?

1. The problem I’m having:

I am running Shell In A Box using a reverse proxy. To make this a little more secure I would like to add basic authentication. The section of my Caddyfile for this looks like so:

domainname.org {
        basicauth /* {
                User $2a$14$qtL.ZzIBdvKaiP4UsbOXOOJl6EiNzNqZw09LXBtkowEa.WKB2Svfm
        }
        reverse_proxy localhost:6175
}

However, this does not appear to do anything and the Shell In A Box page loads with no authentication pop-up

2. Error messages and/or full log output:

*   Trying external.ip.address:443...
* Connected to domainname.org (external.ip.address) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_CHACHA20_POLY1305_SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=domainname.org
*  start date: Dec  4 18:34:01 2023 GMT
*  expire date: Mar  3 18:34:00 2024 GMT
*  subjectAltName: host "domainname.org" matched cert's "domainname.org"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* Using Stream ID: 1 (easy handle 0xaaaac914e970)
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
> GET / HTTP/2
> Host: domainname.org
> user-agent: curl/7.81.0
> accept: */*
> 
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* Connection state changed (MAX_CONCURRENT_STREAMS == 250)!
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
< HTTP/2 200 
< alt-svc: h3=":443"; ma=2592000
< content-type: text/html
< server: Caddy
< date: Fri, 02 Feb 2024 10:04:43 GMT
< 
* TLSv1.2 (IN), TLS header, Supplemental data (23):
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC.......etc.

3. Caddy version:

v2.7.6 h1:w0NymbG2m9PcvKWsrXO6EEkY9Ru4FJK8uQbYcev1p3A=

4. How I installed and ran Caddy:

Installed via apt repository

a. System environment:

Ubuntu 22.04, systemd

Did you reload Caddy after changing your config?

Yes, with caddy adapt in the folder with the Caddyfile

Oh my goodness. I just realised that I needed to do a caddy reload as well.

Working now. Thank you!

1 Like

All adapt does is show you the JSON version of your config. It doesn’t reload.