httpd的用户认证
- 网站的特殊页面需要二级认证
-
vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf //编辑111.com虚拟主机
<VirtualHost *:80> DocumentRoot "/data/wwwroot/111.com" ServerName 111.com <Directory /data/wwwroot/111.com> #//指定认证的目录 AllowOverride AuthConfig #//这个相当于打开认证的开关 AuthName "111.com user auth" #//自定义认证的名字,作用不大 AuthType Basic #//认证的类型,一般为Basic,其他类型阿铭没用过 AuthUserFile /data/.htpasswd #//指定密码文件所在位置 require valid-user #//指定需要认证的用户为全部可用用户 </Directory> </VirtualHost> - /usr/local/apache2.4/bin/htpasswd -cm /data/.htpasswd aming //创建/data/.htpasswd密码文件,并加入用户aming,设置密码为MD5加密。
[[email protected] ~]# /usr/local/apache2.4/bin/htpasswd -cm /data/.htpasswd aming New password: Re-type new password: Adding password for user aming [[email protected] ~]# cat /data/.htpasswd aming:$apr1$IcrnKsgm$peDVR4iChx.0E9/zaD.HK. - /usr/local/apache2.4/bin/apachectl -t
- /usr/local/apache2.4/bin/apachectl graceful
- 测试
[[email protected] ~]# curl -x127.0.0.1:80 -uaming:123456 111.com 111.com[[email protected] ~]# curl -x127.0.0.1:80 111.com -I HTTP/1.1 401 Unauthorized ##401表示这个页面需要用户认证 Date: Mon, 31 Jul 2017 15:03:56 GMT Server: Apache/2.4.27 (Unix) PHP/7.1.6 WWW-Authenticate: Basic realm="111.com user auth" Content-Type: text/html; charset=iso-8859-1 [[email protected] ~]# curl -x127.0.0.1:80 -uaming:123456 111.com 111.com[[email protected] ~]# - 对单个文件进行认证
<VirtualHost *:80> DocumentRoot "/data/wwwroot/www.123.com" ServerName www.123.com <FilesMatch admin.php> #//对admin.php页面进行认证 AllowOverride AuthConfig AuthName "123.com user auth" AuthType Basic AuthUserFile /data/.htpasswd require valid-user </FilesMatch> </VirtualHost>
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl graceful
[[email protected] ~]# curl -x127.0.0.1:80 111.com/admin.php -I
HTTP/1.1 401 Unauthorized
Date: Mon, 31 Jul 2017 15:26:10 GMT
Server: Apache/2.4.27 (Unix) PHP/7.1.6
WWW-Authenticate: Basic realm="111.com user auth"
Content-Type: text/html; charset=iso-8859-1
[[email protected] ~]# curl -x127.0.0.1:80 -uaming:123456 111.com/admin.php
admin.php[[email protected] ~]# 域名跳转
- 需求,把123.com域名跳转到www.123.com,配置如下:
<VirtualHost *:80> DocumentRoot "/data/wwwroot/www.123.com" ServerName www.123.com ServerAlias 123.com <IfModule mod_rewrite.c> //需要mod_rewrite模块支持 RewriteEngine on //打开rewrite功能 RewriteCond %{HTTP_HOST} !^www.123.com$ //定义rewrite的条件,主机名(域名)不是www.123.com满足条件 RewriteRule ^/(.*)$ http://www.123.com/$1 [R=301,L] //定义rewrite规则,当满足上面的条件时,这条规则才会执行 </IfModule> </VirtualHost> - /usr/local/apache2/bin/apachectl -M|grep -i rewrite //若无该模块,需要编辑配置文件httpd.conf,删除rewrite_module (shared) 前面的#
- 重新加载配置-t , graceful
- curl -x127.0.0.1:80 -I 123.com //状态码为301永久跳转,302临时跳转,401需要验证,404页面不存在,403未授权,
apache访问日志记录用户的每一个请求
- vim /usr/local/apache2.4/conf/httpd.conf //搜索LogFormat
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %b" common 默认是common,改为combined,h来源ip,u用户,t是时间,r行为,s是状态码,b是大小,Referer是进入当前页面得上一个页面得地址,User-Agent用户代理 即用户使用的浏览器,curl命令等 - 把虚拟主机配置文件改成如下:
<VirtualHost *:80> DocumentRoot "/data/wwwroot/www.123.com" ServerName www.123.com ServerAlias 123.com CustomLog "logs/123.com-access_log" combined </VirtualHost> - 重新加载配置文件 -t,graceful
- curl -x127.0.0.1:80 -I 123.com
- tail /usr/local/apache2.4/logs/123.com-access_log
扩展
原文地址:http://blog.51cto.com/akui2521/2121886
时间: 2024-09-29 21:03:28