To password protect a directory xyz and every file and subdirectory in it open the configuration file (nginx.conf or one of the virtual host configuration files) and add the following two lines: location /xyz/ { auth_basic "Restricted Area"; auth_basic_user_file conf.d/htpasswd; } htpasswd file must be encrypted, it can be created using a tool named htpasswd. [root@xenserver ~]# cd /etc/nginx/conf.d/ [root@xenserver ~]# htpasswd -b htpasswd user password