Basic authentication

2 min read Updated 3 weeks ago

Basic authentication

Ploi Cloud allows you to protect your application with HTTP basic authentication. When enabled, visitors are prompted for a username and password before they can access any page on your site.

When to use basic authentication

Basic authentication is useful for:

  • Protecting staging or development environments from public access
  • Adding a layer of access control to internal tools or admin panels
  • Temporarily restricting access during maintenance periods
  • Previewing sites before public launch

Enabling basic authentication

  1. Navigate to your application in the Ploi Cloud dashboard
  2. Go to the "Security" tab
  3. Scroll down to the "Basic authentication" section
  4. Enter a username and password
  5. Save your settings
  6. Deploy your application to apply the changes

After deployment, visitors will see a browser login prompt when accessing your site.

Username requirements

  • Minimum 3 characters, maximum 64 characters
  • Only letters, numbers, underscores, and dashes are allowed
  • Examples: admin, staging-user, preview_access

Password requirements

  • Minimum 8 characters
  • Maximum 128 characters
  • Use a strong password that combines letters, numbers, and special characters

Updating credentials

You can update your basic authentication settings at any time:

  • Changing the username: Enter the new username and save. If basic authentication is already enabled, you can change the username without entering a new password - the current password will be kept.
  • Changing the password: Enter the new password and save. The password field is always cleared for security, so you'll need to re-enter the password when making changes.
  • Both: Enter both a new username and password.

After saving, deploy your application to apply the changes.

Disabling basic authentication

To remove the password protection:

  1. Go to the "Security" tab
  2. Clear the username field (leave it empty)
  3. Save your settings
  4. Deploy your application

The password prompt will no longer appear when visitors access your site.

How it works

When basic authentication is enabled, your application's web server is configured to require credentials before serving any content. The credentials are securely hashed and stored, and the authentication check happens at the infrastructure level before requests reach your application code.

The browser stores the entered credentials for the duration of the session, so users don't need to re-enter them for every page load.