2018-04-13 Linux學習
阿新 • • 發佈:2018-04-14
Linux學習11.18 Apache用戶認證
<FilesMatch aming.php> //指定認證的目錄
AllowOverride AuthConfig //這個相當於打開認證的開關
AuthName "111.com user auth" //自定義認證的名字,作用不大
AuthType Basic //認證的類型,一般為Basic,其他類型阿銘沒用過
AuthUserFile /data/.htpasswd //指定密碼文件所在位置
Require valid-user //指定需要認證的用戶為全部可用用戶
</FilesMatch>
ErrorLog "logs/111.com-error_log"
</VirtualHost>
httpd的用戶認證
vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf //把111.com那個虛擬主機編輯成如下內容 <VirtualHost *:80> DocumentRoot "/data/wwwroot/111.com" ServerName 111.com <Directory /data/wwwroot/111.com> //指定認證的目錄 AllowOverride AuthConfig //這個相當於打開認證的開關 AuthName "111.com user auth" //自定義認證的名字,作用不大 AuthType Basic //認證的類型,一般為Basic,其他類型阿銘沒用過 AuthUserFile /data/.htpasswd //指定密碼文件所在位置 Require valid-user //指定需要認證的用戶為全部可用用戶 </Directory> ErrorLog "logs/111.com-error_log" CustomLog "logs/111.com-access_log" common </VirtualHost>
/usr/local/apache2.4/bin/htpasswd -c -m /data/.htpasswd aming
重新加載配置
/usr/local/apache2.4/bin/apachectl -t
/usr/local/apache2.4/bin/apachectl graceful
綁定hosts,瀏覽器測試
curl -x127.0.0.1:80 111.com -I //狀態碼為401
curl -x127.0.0.1:80 -uaming:passwd 111.com -I //狀態碼為200httpd的用戶認證
還可以針對單個文件進行認證
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/111.com"
<FilesMatch aming.php> //指定認證的目錄
AllowOverride AuthConfig //這個相當於打開認證的開關
AuthName "111.com user auth" //自定義認證的名字,作用不大
AuthType Basic //認證的類型,一般為Basic,其他類型阿銘沒用過
AuthUserFile /data/.htpasswd //指定密碼文件所在位置
Require valid-user //指定需要認證的用戶為全部可用用戶
</FilesMatch>
ErrorLog "logs/111.com-error_log"
</VirtualHost>
操作過程
[root@aming-01 ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
<Directory /data/wwwroot/111.com>
AllowOverride AuthConfig
AuthName "111.com user auth"
AuthType Basic
AuthUserFile /data/.htpasswd
Require valid-user
</Directory>
ErrorLog "logs/111.com-error_log"
CustomLog "logs/111.com-access_log" common
</VirtualHost>
[root@aming-01 ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@aming-01 ~]# /usr/local/apache2.4/bin/apachectl graceful
[root@aming-01 ~]# curl -x127.0.0.1:80 111.com -I
HTTP/1.1 401 Unauthorized
Date: Thu, 22 Mar 2018 20:10:27 GMT
Server: Apache/2.4.29 (Unix) PHP/5.6.34
WWW-Authenticate: Basic realm="111.com user auth"
Content-Type: text/html; charset=iso-8859-1
[root@aming-01 ~]# curl -x127.0.0.1:80 -uaming:123 111.com -I
HTTP/1.1 200 OK
Date: Thu, 22 Mar 2018 20:10:48 GMT
Server: Apache/2.4.29 (Unix) PHP/5.6.34
X-Powered-By: PHP/5.6.34
Content-Type: text/html; charset=UTF-8
[root@aming-01 ~]# iptables -I INPUT -p tcp --dport 80 -j ACCEPT11.19-20 域名跳轉
域名跳轉
需求,把123.com域名跳轉到www.123.com,配置如下:
<VirtualHost *:80>
ServerAdmin [email protected]
DocumentRoot "/data/wwwroot/abc.com"
ServerName abc.com
ServerAlias www.abc.com www.123.com
<IfModule mod_rewrite.c> //需要mod_rewrite模塊支持
RewriteEngine on //打開rewrite功能
RewriteCond %{HTTP_HOST} !^www.123.com$ //定義rewrite的條件,主機名(域名)不是www.123.com滿足條件
RewriteRule ^/(.*)$ http://www.123.com/$1 [R=301,L] //定義rewrite規則,當滿足上面的條件時,這條規則才會執行
</IfModule>
ErrorLog "logs/abc.com-error_log"
CustomLog "logs/abc.com-access_log" common
</VirtualHost>
/usr/local/apache2.4/bin/apachectl -M|grep -i rewrite //若無該模塊需要編輯配置文件 http.conf ,刪除 rewrite_module(shared) 前面的#
curl -x127.0.0.1:80 -I 123.com //狀態碼為301操作過程
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
ServerAlias www.exampl.com 2111.com.cn
#<Directory /data/wwwroot/111.com>
# AllowOverride AuthConfig
# AuthName "111.com user auth"
# AuthType Basic
# AuthUserFile /data/.htpasswd
# Require valid-user
#</Directory>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} !^111.com$
RewriteRule ^/(.*)$ http://111.com/$1 [R=301,L]
</IfModule>
ErrorLog "logs/111.com-error_log"
CustomLog "logs/111.com-access_log" common
</VirtualHost>
[root@aming-01 ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@aming-01 ~]# /usr/local/apache2.4/bin/apachectl graceful
[root@aming-01 ~]# /usr/local/apache2.4/bin/apachectl -M|grep -i rewrite
[root@aming-01 ~]# vim /usr/local/apache2.4/conf/httpd.conf
[root@aming-01 ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@aming-01 ~]# /usr/local/apache2.4/bin/apachectl -M|grep -i rewrite
rewrite_module (shared)
[root@aming-01 ~]# curl -x127.0.0.1:80 -I 2111.com.cn
HTTP/1.1 301 Moved Permanently
Date: Thu, 22 Mar 2018 21:18:05 GMT
Server: Apache/2.4.29 (Unix) PHP/5.6.34
Location: http://111.com/
Content-Type: text/html; charset=iso-8859-1
[root@aming-01 ~]# curl -x127.0.0.1:80 2111.com.cn
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://111.com/">here</a>.</p>
</body></html>
[root@aming-01 ~]# curl -x192.168.104.160:80 http://111.com/dfafdjsaf
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /dfafdjsaf was not found on this server.</p>
</body></html>11.21 Apache訪問日誌
訪問日誌
訪問日誌記錄用戶的每一個請求
vim /usr/local/apache2.4/conf/httpd.conf //搜索 LogFormat
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
修改虛擬主機配置文件如下
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
ServerAlias www.exampl.com 2111.com.cn
ErrorLog "logs/111.com-error_log"
CustomLog "logs/111.com-access_log" common
</VirtualHost>
重新加載配置文件 -t , graceful
curl -x127.0.0.1:80 -I 111.com
tail /usr/local/apache2.4/logs/111.com-access_log操作過程
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
ServerAlias www.exampl.com 2111.com.cn
#<Directory /data/wwwroot/111.com>
# AllowOverride AuthConfig
# AuthName "111.com user auth"
# AuthType Basic
# AuthUserFile /data/.htpasswd
# Require valid-user
#</Directory>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} !^111.com$
RewriteRule ^/(.*)$ http://111.com/$1 [R=301,L]
</IfModule>
ErrorLog "logs/111.com-error_log"
CustomLog "logs/111.com-access_log" combined
</VirtualHost>
[root@aming-01 ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@aming-01 ~]# /usr/local/apache2.4/bin/apachectl graceful
[root@aming-01 ~]# tail -5 /usr/local/apache2.4/logs/111.com-access_log
192.168.104.160 - - [23/Mar/2018:05:21:42 +0800] "GET http://111.com/dfafdjsaf HTTP/1.1" 404 207
192.168.104.1 - - [23/Mar/2018:05:42:37 +0800] "GET / HTTP/1.1" 200 8 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36"
192.168.104.1 - - [23/Mar/2018:05:42:38 +0800] "GET /favicon.ico HTTP/1.1" 404 209 "http://111.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36"
192.168.104.160 - - [23/Mar/2018:05:43:35 +0800] "GET http://111.com/ HTTP/1.1" 200 8 "-" "curl/7.29.0"
192.168.104.160 - - [23/Mar/2018:05:43:42 +0800] "HEAD http://111.com/ HTTP/1.1" 200 - "-" "curl/7.29.0"2018-04-13 Linux學習