Windows 2025
Sponsored Link

IIS : Basic Authentication2024/12/18

 

Set Basic Authentication to a folder to require authentication for users.

On Basic Authentication, username and password sends with plain text, so it should be configured SSL setting, too. Refer to here for SSL config.

[1] Run PowerShell with Admin Privilege and Configure.
On this example, Configure settings that create a [auth_basic] folder under the [RX-7.srv.world] site and set Basic Authentication to the Folder.
Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.

# install Basic Authentication feature
PS C:\Users\Administrator> Install-WindowsFeature Web-Basic-Auth 

Success Restart Needed Exit Code      Feature Result
------- -------------- ---------      --------------
True    No             Success        {Basic Authentication}

# restart IIS
PS C:\Users\Administrator> Restart-Service W3SVC 

PS C:\Users\Administrator> Get-Website 

Name             ID   State      Physical Path                  Bindings
----             --   -----      -------------                  --------
Default Web Site 1    Started    %SystemDrive%\inetpub\wwwroot  http *:80:
RX-7.srv.world   2    Started    C:\inetpub\newsite             http *:80:rx-7.srv.world
                                                                https *:443:rx-7.srv.world sslFlags=0

# create [auth_basic] folder
PS C:\Users\Administrator> New-Item -ItemType Directory -Path "IIS:\Sites\RX-7.srv.world\auth_basic" 

    Directory: WebAdministration::\\RX-7\Sites\RX-7.srv.world


Mode                 LastWriteTime         Length Name
----                 -------------         ------ ----
d-----        12/17/2024   5:30 PM                auth_basic

# disable anonymous authentication for target folder
PS C:\Users\Administrator> Set-WebConfigurationProperty -Filter '/system.webServer/security/authentication/anonymousAuthentication' -Location "RX-7.srv.world/auth_basic" -Name enabled -Value False 

# enable basic authentication for target folder
PS C:\Users\Administrator> Set-WebConfigurationProperty -Filter '/system.webServer/security/authentication/basicAuthentication' -Location "RX-7.srv.world/auth_basic" -Name enabled -Value True 

# restart the target Web site
PS C:\Users\Administrator> Restart-WebItem -PSPath 'IIS:\Sites\RX-7.srv.world' 

# create a test page
PS C:\Users\Administrator> Write-Output "Basic Authentication Test Page" | Out-File C:\inetpub\newsite\auth_basic\index.html -Encoding Default 

# verify accesses ⇒ [-u (username)]
PS C:\Users\Administrator> curl.exe -u Serverworld https://rx-7.srv.world/auth_basic/ 
Enter host password for user 'Serverworld':     # user password
Basic Authentication Test Page
IIS : Basic Authentication (GUI)
 

On GUI configuration, set like follows.

[2] Run [Start] - [Server Manager] and enter [Add roles and features], then check a box [Basic Authentication] and install it.
[3] After installing, restart IIS.
[4]

Create a folder that you'd like to set Basic Authentication.
On this example, create a [auth_basic] folder for it. Also add NTFS access permission for users or groups you'd like to allow to access to the folder.

Run [Start] - [Server Manager] and Click [Tools] - [Internet Information Services (IIS) Manager], and then Select a folder you'd like to set Basic Authentication on the left pane and then Open to click [Authentication] on the center pane.
[5] Disable [Anonymous Authentication] and Enable [Basic Authentication] like follows. And then restart the target site.
[6] Create a test page under the folder you set Basic Authentication and verify accesses. Authenticate with a user you set to allow accesses.
[7] That's OK if successfully authenticate and test page is shown normally.
Matched Content