LNMP下为Nginx目录设置访问验证的用户名密码

有时候需要象Apache那样为指定的目录添加访问验证,一般在Apache下使用htpasswd来添加,而htpasswd是包含在apache2-utils里,一般LNMP一键安装包或自己编译安装LNMP都不会安装apache2-utils。下面说一下如何为Nginx的网站目录设置访问验证

1、创建类htpasswd文件

执行:wget -c soft.vpser.net/lnmp/ext/htpasswd.sh;

脚本内容:

#!/bin/bash
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
export PATH

echo "====================================="
echo "# A tool like htpasswd for Nginx    #"
echo "#-----------------------------------#"
echo "# Author:Licess http://www.lnmp.org #"
echo "====================================="

#set UserName

        username=""
        read -p "Please input UserName:" username
        if [ "$username" = "" ]; then
                echo "Error:UserName can't be NULL!"
                exit 1
        fi
        echo "==========================="
        echo "UserName was: $username"
        echo "==========================="

#set password

        unpassword=""
        read -p "Please input the Password:" unpassword
        if [ "$unpassword" = "" ]; then
                echo "Error:Password can't be NULL!"
                exit 1
        fi
        echo "==========================="
        echo "Password was: $unpassword"
        echo "==========================="
password=$(perl -e 'print crypt($ARGV[0], "pwdsalt")' $unpassword)

#set htpasswd file                                                    
                                                                      
        htfile=""                                                     
        read -p "Please input Auth filename:" htfile                  
        if [ "$htfile" = "" ]; then                                   
                echo "Error:Auth filename can't be NULL!"             
                exit 1                                                
        fi                                                            
        echo "==========================="                            
        echo "Auth File: /usr/local/nginx/conf/$htfile"               
        echo "==========================="                            
                                                                      
        get_char()                                                    
        {                                                             
        SAVEDSTTY=`stty -g`                                           
        stty -echo                                                    
        stty cbreak                                                   
        dd if=/dev/tty bs=1 count=1 2> /dev/null                      
        stty -raw                                                     
        stty echo                                                     
        stty $SAVEDSTTY                                               
        }                                                             
        echo ""                                                       
        echo "Press any key to Creat...or Press Ctrl+c to cancel"     
        char=`get_char`                                               
                                                                      
if [ ! -f /usr/local/nginx/conf/$htfile.conf ]; then                  
  echo "Create Auth file......"                                       
cat >/usr/local/nginx/conf/$htfile.conf<<eof                          
$username:$password                                                   
eof                                                                   
echo "Create Auth file successful,auth file path:/usr/local/nginx/conf/$htfile.conf."
else                                                                  
        echo "File already exists,please run this script again."      
        exit 1                                                        
fi     

执行脚本:bash htpasswd.sh

按提示输入用户名、密码、及认证文件名。脚本会自动生成认证文件。记录下脚本返回的文件路径。如:/usr/local/nginx/conf/htpasswd.conf.

2、为Nginx添加auth认证配置

下面是以某域名下面的目录为例,在域名的server段里加上如下代码:
location /
{
auth_basic "Restricted";
auth_basic_user_file /usr/local/nginx/conf/htpasswd;     #这里写前面脚本返回的文件路径;
}

Restricted为提示信息,可以修改成自己想让他提示的信息;auth_basic_user_file 后面需要填htpasswd.sh脚本返回的人家文件的路径。

注意,加上认证之后该目录下的PHP将不会被解析,会出现下载提示,如果想可以解析PHP可以将上面的配置改为:

server {

                        listen 8018;
                        server_name db.chinagba.com;
                        root    /data/wwwroot/dbadmin;
                        index index.php;
                        location ~ .*\.php?$
                        {
                                include fcgi.conf;
                                fastcgi_pass  spawn;
                                fastcgi_index index.php;
                        }
                        location / {
                                auth_basic "Restricted";
                                auth_basic_user_file /usr/local/nginx/conf/htpasswd;   #这里写前面脚本返回的文件路径;

                        }
                }

按上面的提示修改好配置后,重启nginx,

[root@YOUWO-APP-199 conf]# /usr/local/nginx/sbin/nginx -t
the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@YOUWO-APP-199 conf]# /usr/local/nginx/sbin/nginx -s reload

访问http://121.9.243.199:8018/ 就会提示输入用户名和密码。

本教程适合LNMP一键安装包或自己安装的LNMP,只不过目录和配置文件可能位置不一样。

本文链接地址:http://www.vpser.net/build/nginx-htpasswd.html