diff --git a/node/server.js b/node/server.js
index 08c09ab0..94a9de15 100644
--- a/node/server.js
+++ b/node/server.js
@@ -91,6 +91,9 @@ async.waterfall([
     var httpLogger = log4js.getLogger("http");
     app.configure(function() 
     {
+      // Activate http basic auth if it has been defined in settings.json
+      if(settings.httpAuth != null) app.use(basic_auth);
+
       // If the log level specified in the config file is WARN or ERROR the application server never starts listening to requests as reported in issue #158.
       // Not installing the log4js connect logger when the log level has a higher severity than INFO since it would not log at that level anyway.
       if (!(settings.loglevel === "WARN" || settings.loglevel == "ERROR"))
@@ -143,6 +146,26 @@ async.waterfall([
         }
       });
     }
+
+    //checks for basic http auth
+    function basic_auth (req, res, next) {
+      if (req.headers.authorization && req.headers.authorization.search('Basic ') === 0) {
+        // fetch login and password
+        if (new Buffer(req.headers.authorization.split(' ')[1], 'base64').toString() == settings.httpAuth) {
+          next();
+          return;
+        }
+      }
+      
+      res.header('WWW-Authenticate', 'Basic realm="Protected Area"');
+      if (req.headers.authorization) {
+        setTimeout(function () {
+          res.send('Authentication required', 401);
+        }, 5000);
+      } else {
+        res.send('Authentication required', 401);
+      }
+    }
     
     //serve read only pad
     app.get('/ro/:id', function(req, res)
diff --git a/node/utils/Settings.js b/node/utils/Settings.js
index 2aef834d..7ef809c9 100644
--- a/node/utils/Settings.js
+++ b/node/utils/Settings.js
@@ -68,6 +68,11 @@ exports.abiword = null;
  */
 exports.loglevel = "INFO";
 
+/**
+ * Http basic auth, with "user:password" format
+ */
+exports.httpAuth = null;
+
 //read the settings sync
 var settingsStr = fs.readFileSync("../settings.json").toString();
 
diff --git a/settings.json.template b/settings.json.template
index da7b32a4..6ebf8ef0 100644
--- a/settings.json.template
+++ b/settings.json.template
@@ -45,4 +45,8 @@
   
   /* The log level we are using, can be: DEBUG, INFO, WARN, ERROR */
   "loglevel": "INFO"
+  
+  /* This setting is used if you need http basic auth */
+  // "httpAuth" : "user:pass"
+  
 }