Apache用户认证
1.修改虚拟主机配置文件
[[email protected] ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf <VirtualHost *:80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
ServerAlias www.example.com
<Directory /data/wwwroot/111.com> #指定目录
AllowOverride AuthConfig #打开认证
AuthName "111.com user auth" #自定义认证名字
AuthType Basic #认证类型,一般Basic
AuthUserFile /data/.htpasswd #指定密码文件位置
require valid-user #指定需要认证的用户为全部可用用户
</Directory>
ErrorLog "logs/111.com-error_log"
CustomLog "logs/111.com-access_log" common
</VirtualHost>
2.创建密码文件
[[email protected] ~]# /usr/local/apache2.4/bin/htpasswd -c -m /data/.htpasswd weixing #-c创建,-m 加密方式
New password:
3.重新加载
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl graceful
4.测试发现无法打开,通过检查发现是防火墙问题,需要打开80端口:
[[email protected] ~]# iptables -I INPUT -p tcp --dport 80 -j ACCEPT
5.通过curl测试:401代表需要验证
[[email protected] ~]# curl -x127.0.0.1:80 111.com
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>Unauthorized</h1>
<p>This server could not verify that you
are authorized to access the document
requested. Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn‘t understand how to supply
the credentials required.</p>
</body></html>
[[email protected] ~]# curl -x127.0.0.1:80 111.com -I
HTTP/1.1 401 Unauthorized
Date: Fri, 02 Mar 2018 16:00:10 GMT
Server: Apache/2.4.29 (Unix) PHP/7.1.6
WWW-Authenticate: Basic realm="111.com user auth"
Content-Type: text/html; charset=iso-8859-1
6.curl通过命令输入密码:
[[email protected] ~]# curl -x127.0.0.1:80 -uweixing:w 111.com
111.com[[email protected] ~]#
[[email protected] ~]# curl -x127.0.0.1:80 -uweixing:w 111.com -I
HTTP/1.1 200 OK
Date: Fri, 02 Mar 2018 16:01:50 GMT
Server: Apache/2.4.29 (Unix) PHP/7.1.6
X-Powered-By: PHP/7.1.6
Content-Type: text/html; charset=UTF-8
7.针对单个文件进行认证:
[[email protected] ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
ServerAlias www.example.com
# <Directory /data/wwwroot/111.com>
<FilesMatch 123.php>
AllowOverride AuthConfig
AuthName "111.com user auth"
AuthType Basic
AuthUserFile /data/.htpasswd
require valid-user
</FilesMatch>
# </Directory>
ErrorLog "logs/111.com-error_log"
CustomLog "logs/111.com-access_log" common
</VirtualHost>
8.编辑需要加密的文件
[[email protected] ~]# vim /data/wwwroot/111.com/123.php
9.进行测试
访问111.com不用输入密码了
[[email protected] ~]# curl -x127.0.0.1:80 111.com
111.com[[email protected] ~]# curl -x127.0.0.1:80 111.com -I
HTTP/1.1 200 OK
Date: Fri, 02 Mar 2018 16:07:38 GMT
Server: Apache/2.4.29 (Unix) PHP/7.1.6
X-Powered-By: PHP/7.1.6
Content-Type: text/html; charset=UTF-8
访问123.php才需要
[[email protected] ~]# curl -x127.0.0.1:80 111.com/123.php
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>Unauthorized</h1>
<p>This server could not verify that you
are authorized to access the document
requested. Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn‘t understand how to supply
the credentials required.</p>
</body></html>
[[email protected] ~]# curl -x127.0.0.1:80 -uweixing:wei1 111.com/123.php
123.php[[email protected] ~]# curl -x127.0.0.1:80 -uweixing:wei1 111.com/123.php -I
HTTP/1.1 200 OK
Date: Fri, 02 Mar 2018 16:08:50 GMT
Server: Apache/2.4.29 (Unix) PHP/7.1.6
X-Powered-By: PHP/7.1.6
Content-Type: text/html; charset=UTF-8
域名跳转
1.编辑虚拟主机配置文件
[[email protected] ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
ServerAlias www.example.com
# <Directory /data/wwwroot/111.com>
# <FilesMatch 123.php>
# AllowOverride AuthConfig
# AuthName "111.com user auth"
# AuthType Basic
# AuthUserFile /data/.htpasswd
# require valid-user
# </FilesMatch>
# </Directory>
<IfModule mod_rewrite.c>
RewriteEngine on #打开rewrite功能
RewriteCond %{HTTP_HOST} !^111.com$ #定义跳转
RewriteRule ^/(.*)$ http://111.com/$1 [R=301,L] #301代表永久生效,302临时生效,L表示一次
</IfModule>
ErrorLog "logs/111.com-error_log"
CustomLog "logs/111.com-access_log" common
</VirtualHost>
2.编辑模块加载rewrite
[[email protected] ~]# vi /usr/local/apache2.4/conf/httpd.conf
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl graceful
3.实现跳转:
[[email protected] ~]# curl -x127.0.0.1:80 111.com
111.com[[email protected] ~]# curl -x127.0.0.1:80 www.example.com -I
HTTP/1.1 301 Moved Permanently
Date: Sat, 03 Mar 2018 01:14:16 GMT
Server: Apache/2.4.29 (Unix) PHP/7.1.6
Location: http://111.com/
Content-Type: text/html; charset=iso-8859-1
[[email protected] ~]# curl -x127.0.0.1:80 www.example.com
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://111.com/">here</a>.</p>
</body></html>
访问日志
1.查看日志:
[[email protected] ~]# ls /usr/local/apache2.4/logs/
111.com-access_log abc.com-access_log access_log httpd.pid
111.com-error_log abc.com-error_log error_log
[[email protected] ~]# cat /usr/local/apache2.4/logs/111.com-access_log
192.168.188.130 - - [01/Mar/2018:22:31:57 +0800] "GET HTTP://www.example.com/ HTTP/1.1" 200 7
127.0.0.1 - - [02/Mar/2018:23:18:25 +0800] "GET HTTP://111.com/ HTTP/1.1" 401 381
127.0.0.1 - - [02/Mar/2018:23:18:44 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 401 -
127.0.0.1 - - [02/Mar/2018:23:36:39 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 401 -
192.168.188.130 - - [02/Mar/2018:23:38:10 +0800] "GET HTTP://111.com/ HTTP/1.1" 401 381
192.168.188.1 - - [02/Mar/2018:23:42:54 +0800] "GET / HTTP/1.1" 401 381
192.168.188.1 - weixing [02/Mar/2018:23:43:22 +0800] "GET / HTTP/1.1" 200 7
192.168.188.1 - - [02/Mar/2018:23:43:23 +0800] "GET /favicon.ico HTTP/1.1" 401 381
192.168.188.1 - weixing [02/Mar/2018:23:43:35 +0800] "GET /favicon.ico HTTP/1.1" 404 209
192.168.188.1 - weixing [02/Mar/2018:23:43:39 +0800] "GET / HTTP/1.1" 200 7
192.168.188.1 - weixing [02/Mar/2018:23:43:39 +0800] "GET /favicon.ico HTTP/1.1" 404 209
192.168.188.1 - weixing [02/Mar/2018:23:43:41 +0800] "GET / HTTP/1.1" 200 7
192.168.188.1 - weixing [02/Mar/2018:23:43:41 +0800] "GET /favicon.ico HTTP/1.1" 404 209
192.168.188.1 - weixing [02/Mar/2018:23:43:49 +0800] "GET / HTTP/1.1" 200 7
192.168.188.1 - weixing [02/Mar/2018:23:43:49 +0800] "GET /favicon.ico HTTP/1.1" 404 209
192.168.188.1 - weixing [02/Mar/2018:23:43:59 +0800] "GET / HTTP/1.1" 200 7
192.168.188.1 - weixing [02/Mar/2018:23:43:59 +0800] "GET /favicon.ico HTTP/1.1" 404 209
2.另一种格式的日志:
192.168.188.1 - - [03/Mar/2018:09:35:06 +0800] "GET / HTTP/1.1" 200 7 "-" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Maxthon/4.4.8.1000 Chrome/30.0.1599.101 Safari/537.36"
192.168.188.1 - - [03/Mar/2018:09:35:06 +0800] "GET /favicon.ico HTTP/1.1" 404 209 "-" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Maxthon/4.4.8.1000 Chrome/30.0.1599.101 Safari/537.36"
192.168.188.1 - - [03/Mar/2018:09:35:07 +0800] "GET / HTTP/1.1" 200 7 "-" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Maxthon/4.4.8.1000 Chrome/30.0.1599.101 Safari/537.36"
192.168.188.1 - - [03/Mar/2018:09:35:07 +0800] "GET /favicon.ico HTTP/1.1" 404 209 "-" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Maxthon/4.4.8.1000 Chrome/30.0.1599.101 Safari/537.36"
192.168.188.1 - - [03/Mar/2018:09:35:08 +0800] "GET / HTTP/1.1" 200 7 "-" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Maxthon/4.4.8.1000 Chrome/30.0.1599.101 Safari/537.36"
192.168.188.1 - - [03/Mar/2018:09:35:08 +0800] "GET /favicon.ico HTTP/1.1" 404 209 "-" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Maxthon/4.4.8.1000 Chrome/30.0.1599.101 Safari/537.36"
原文地址:http://blog.51cto.com/13517254/2082204
时间: 2024-08-30 10:27:53