basic用戶驗證機制

時間 2019-11-09

標籤 basic 用戶驗證機制简体版

原文原文鏈接

basic用戶驗證機制

1,修改配置文件  
    vim /etc/httpd/conf.d/test.conf
        6 <directory /var/www/html/admin/>
        7 authtype basic
        8 AuthName "admin Page"
        9 AuthUserFile "/etc/httpd/conf.d/.httpuser"
        10 Require user tom alice
        11 </directory>

2，建立用戶帳戶
    命令 ： htpasswd
            -c  自動建立文件，僅應該在文件不存在時使用 
            -p  明文密碼 
            -d  CRYPT格式加密，默認 
            -m  md5格式加密 
            -s  sha格式加密 
            -D  刪除用戶
    htpasswd -c /etc/httpd/conf.d/.httpuser  tom
    htpasswd  /etc/httpd/conf.d/.httpuser  alice
    htpasswd  /etc/httpd/conf.d/.httpuser  jack
    註釋：建立第一個帳號以後不用加‘c’選項，

3，保證安全性對文件.httpuser進行權限修改
    chmod 600 /etc/httpd/conf.d/.httpuser
    setfacl -m u:apache:r /etc/httpd/conf.d/.httpuser

basic對組驗證機制

1，建立用戶組文件
    vim /etc/httpd/conf.d/.httpgroup 
        g1: tom jack
        g2: tom alice

2，用戶組文件
    vim  /var/www/html/admin/.htaccess 
        authtype basic
        AuthName "admin Page"
        AuthUserFile "/etc/httpd/conf.d/.httpuser"
        AuthGroupFile "/etc/httpd/conf.d/.httpgroup"
        Require group g1 g2

實現家目錄web共享，並進行basic驗證

1，修改用戶配置文件
    vim /etc/httpd/conf.d/userdir.conf
        <IfModule mod_userdir.c>
            #UserDir disabled
            UserDir public
        </IfModule>

        #
        # Control access to UserDir directories.  The following is an example
        # for a site where these directories are restricted to read-only.
        #
        #<Directory "/home/*/public_html">
        #    AllowOverride FileInfo AuthConfig Limit Indexes
        #    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
        #    Require method GET POST OPTIONS
        #</Directory>
        <directory /home/wang/public>
        allowoverride authconfig                       </directory>

2,
    vim /home/wang/public/.htaccess 
        authtype basic
        AuthName "admin Page"
        AuthUserFile "/etc/httpd/conf.d/.httpuser"
        AuthGroupFile "/etc/httpd/conf.d/.httpgroup"   Require group g1 g2

3,建立家目錄文件並更改權限
    mkdir ~wang/public
    setfacl -m u:apache:x ~wang/

4，測試
    http://localhost/~wang/index.html

實現狀態頁面顯示

修改配置文件
    vim /etc/httpd/conf.d/test.conf
        <Location "/status">
        <requireany>
        require all denied
        require ip 192.168.36.1
        </requireany>
        SetHandler server-status
        </Location>
        ExtendedStatus On

共勉!

相關標籤/搜索

每日一句

每一个你不满意的现在，都有一个你没有努力的曾经。