<h1 id="heading-goal">Goal</h1>
Protect a website page or pages at the edge. Users enter a username and password combination to access pages protected by basic authentication. 
<h1 id="heading-steps">Steps</h1>
<ol>
<li>Go to <code>Stores &gt; Configuration &gt; Advanced &gt; System &gt; Full Page Cache &gt; Fastly Configuration &gt; Custom VCL Snippets</code></li>
<li>Generate a login/password paid by running the following command in terminal:<pre><code>echo -n "login:password" | base64
</code></pre>In this example, the result of execution will be <code>bG9naW46cGFzc3dvcmQ=</code>.</li>
<li>Add the following <code>RECV</code> VCL snippet:<pre><code>if ( req.method != "FASTLYPURGE" &amp;&amp;
 ! req.http.Authorization ~ "Basic bG9naW46cGFzc3dvcmQ=" &amp;&amp;
 req.url.path ~ "%page URI or regexp%") {
 error 772;
}
</code></pre></li>
<li>Add the following <code>ERROR</code> VCL snippet:<pre><code>if (obj.status == 772) {
 set obj.http.Content-Type = "text/html; charset=utf-8";
 set obj.http.WWW-Authenticate = "Basic realm=Secured";
 set obj.status = 401;
 synthetic {"&lt;!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
 "http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd"&gt;
 &lt;HTML&gt;
 &lt;HEAD&gt;
 &lt;TITLE&gt;Error&lt;/TITLE&gt;
 &lt;META HTTP-EQUIV='Content-Type' CONTENT='text/html;'&gt;
 &lt;/HEAD&gt;
 &lt;BODY&gt;&lt;H1&gt;401 Unauthorized&lt;/H1&gt;&lt;/BODY&gt;
 &lt;/HTML&gt;
 "};
 return (deliver);
}
</code></pre></li>
<li>Upload VCL to Fastly.</li>
</ol>

# Goal
Protect a website page or pages at the edge. Users enter a username and password combination to access pages protected by basic authentication. 

# Steps
1. Go to `Stores > Configuration > Advanced > System > Full Page Cache > Fastly Configuration > Custom VCL Snippets`
1. Generate a login/password paid by running the following command in terminal:
```
echo -n "login:password" | base64
```
In this example, the result of execution will be `bG9naW46cGFzc3dvcmQ=`.
1. Add the following `RECV` VCL snippet:
```
if ( req.method != "FASTLYPURGE" &&
 ! req.http.Authorization ~ "Basic bG9naW46cGFzc3dvcmQ=" &&
 req.url.path ~ "%page URI or regexp%") {
 error 772;
}
```
1. Add the following `ERROR` VCL snippet:
```
if (obj.status == 772) {
 set obj.http.Content-Type = "text/html; charset=utf-8";
 set obj.http.WWW-Authenticate = "Basic realm=Secured";
 set obj.status = 401;
 synthetic {"<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
 "http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd">
 <HTML>
 <HEAD>
 <TITLE>Error</TITLE>
 <META HTTP-EQUIV='Content-Type' CONTENT='text/html;'>
 </HEAD>
 <BODY><H1>401 Unauthorized</H1></BODY>
 </HTML>
 "};
 return (deliver);
}
```
1. Upload VCL to Fastly.

Igor Sydorenko's blog

Igor Sydorenko's blog

Fastly - Basic authentication for a single page

Goal

Steps