How can we help you today?

Basic Authentication on Hypernode Development Plans

Created by: Sophie van Vrijberghe de Coningh

Modified on: Tue, 20 Apr, 2021 at 9:58 AM


Development Hypernodes are configured to offer a Basic Authentication challenge to all visitors. These plans are meant to develop a webshop, to run all the tests you can think of, and to give your customer (the merchant) access during development. Keep in mind though, these development plans cannot be used to go live with a shop.

TABLE OF CONTENTS

Usermanagement

When using Basic Authentication, visitors to the website will have to enter a username and password, before being able to access the site. This is a separate account from any website specific accounts, and in most browsers are displayed as a separate popup.


Default Username and Password

The default credentials for development nodes are:

  • Username: dev
  • Password: dev

We advise you to change the default username and password as soon as possible.


Managing Users and Passwords

Users are stored in a ‘htpasswd’ file, located at /data/web/nginx/htpasswd-development. This file must exist and a valid username and password must be defined within this file in order to be able to login. This file can be managed using the htpasswd command, through the shell.


To add users, or change an existing users’ password, use the command: htpasswd /data/web/nginx/htpasswd-development username.

To remove a users, use the command: htpasswd -D /data/web/nginx/htpasswd-development username


Whitelisting

If you need to connect your development node to external services, API’s, and tooling that do not support basic authentication, it’s possible to whitelist specific IP addresses, user agents, or request paths. Your Hypernode comes preconfigured with a whitelist file that allows you to easily configure your basic auth whitelist, in the file/data/web/nginx/whitelist-development-exception.conf

If your Development node lacks this file, or if your whitelist configuration only contains an IP whitelist, you can find a clean version of this file on our Github. This file also contains examples on how to use the various whitelists.

Whitelist an IP or IP range

To whitelist an IP address from basic authentication, you can add it to the geo statement in the whitelist file. You may also use an IP range, in CIDR notation. Please note you cannot use hostnames in the whitelist.

To find out the IP's that need to be whitelisted, please contact the external service provider, or check your access logs to see what IP's are accessing the website.

Whitelist a User Agent

To whitelist a specific user agent you can add it to the User Agent whitelist map in the whitelist file. We suggest whitelisting a specific term, such as the bot name, or the domainname used in the the user agent, using a regex pattern.

Whitelist an URL

To whitelist a specific URL you can add it to the url whitelist map in the whitelist file. Please note that the whitelist is based on the entire URL, including any arguments. As such, we advise using a regex pattern when whitelisting. 


Troubleshooting

  • Google Pagespeed analysis uses the Google bot user agent and can therefore not be used on development nodes.
  • In some cases, particularly if you have not yet enabled Hypernode Managed Vhosts, it’s possible the Basic Authentication blocks the Let’s Encrypt validation server. If you wish to make use of Let’s Encrypt on your development Hypernode, you should add the ‘letsencrypt’ user agent to the whitelist file.
S
Sophie is the author of this solution article.

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.