servd

Documentation

Documentation > Project Security >

HTTP Basic Authentication

Often you might want to prevent the general public from accessing your project, particularly if it's work-in-progress. To allow that, Servd provides the option to provide enable "HTTP Basic Authentication" a.k.a. basic auth, which is supported by nearly all browsers. By default, basic auth is enabled on staging.

Toggling Basic Auth #

  1. Navigate to your production, staging or development environment settings page, depending on which environment you want to enable basic auth on.

  2. Scroll down to the "Basic Auth" section.

  3. Flick the slider in the right hand corner to enable Basic Auth.

  4. Sync your project to deploy the change.

  5. Copy your username and password details from on your project's overview page.

  6. Access one of your project URLs for your chosen environment. You should now see a basic auth prompt asking for a username and password.

  7. Submit the username and password, and you're in!

Updating Basic Auth Credentials #

If you'd like to update the Basic Auth username and password, follow these steps:

  1. Navigate to your production, staging or development environment settings page, depending on which environment you're looking to update.

  2. Scroll down to the "Basic Auth" section.

  3. Update the Username and/or Password.

    If Basic Auth is disabled, flip the toggle switch to reveal the Username and Password fields.

  4. Click the "Save" button.

  5. Sync your project to deploy the change.

Restricting to Paths #

If you'd like to add basic auth to some of your project's pages, but not all of them, then you're in luck:

  1. Navigate to your production, staging or development environment settings page, depending on which environment you're looking to update.

  2. Scroll down to the "Basic Auth" section.

  3. Add a path regex pattern to the "Restrict to Paths (regex)" list.

  4. Click the "Save" button.

  5. Sync your project to deploy the change.

If the path of a request matches any of the regex patterns in the list, then a basic auth challenge will be presented. If the basic auth is also restricted to the vanity domain, then the regex patterns will only match if the request is made to the vanity domain.

Restrict to Vanity Domain #

Occasionally, you may want to restrict access to your project via it's servd.dev vanity domain. An easy way to do this is by checking the "Restrict to <your project's vanity domain" basic auth option. This guarantees crawlers and other nosey folk will only seeing the site via your custom domains.