basic用户验证机制
1,修改配置文件
vim /etc/httpd/conf.d/test.conf
6 <directory /var/www/html/admin/>
7 authtype basic
8 AuthName "admin Page"
9 AuthUserFile "/etc/httpd/conf.d/.httpuser"
10 Require user tom alice
11 </directory>
2,创建用户账户
命令 : htpasswd
-c 自动创建文件,仅应该在文件不存在时使用
-p 明文密码
-d CRYPT格式加密,默认
-m md5格式加密
-s sha格式加密
-D 删除用户
htpasswd -c /etc/httpd/conf.d/.httpuser tom
htpasswd /etc/httpd/conf.d/.httpuser alice
htpasswd /etc/httpd/conf.d/.httpuser jack
注释:创建第一个账号之后不用加‘c’选项,
3,保证安全性对文件.httpuser进行权限修改
chmod 600 /etc/httpd/conf.d/.httpuser
setfacl -m u:apache:r /etc/httpd/conf.d/.httpuser
basic对组验证机制
1,创建用户组文件
vim /etc/httpd/conf.d/.httpgroup
g1: tom jack
g2: tom alice
2,用户组文件
vim /var/www/html/admin/.htaccess
authtype basic
AuthName "admin Page"
AuthUserFile "/etc/httpd/conf.d/.httpuser"
AuthGroupFile "/etc/httpd/conf.d/.httpgroup"
Require group g1 g2
实现家目录web共享,并进行basic验证
1,修改用户配置文件
vim /etc/httpd/conf.d/userdir.conf
<IfModule mod_userdir.c>
#UserDir disabled
UserDir public
</IfModule>
#
# Control access to UserDir directories. The following is an example
# for a site where these directories are restricted to read-only.
#
#<Directory "/home/*/public_html">
# AllowOverride FileInfo AuthConfig Limit Indexes
# Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
# Require method GET POST OPTIONS
#</Directory>
<directory /home/wang/public>
allowoverride authconfig </directory>
2,
vim /home/wang/public/.htaccess
authtype basic
AuthName "admin Page"
AuthUserFile "/etc/httpd/conf.d/.httpuser"
AuthGroupFile "/etc/httpd/conf.d/.httpgroup" Require group g1 g2
3,创建家目录文件并更改权限
mkdir ~wang/public
setfacl -m u:apache:x ~wang/
4,测试
http://localhost/~wang/index.html
实现状态页面显示
修改配置文件
vim /etc/httpd/conf.d/test.conf
<Location "/status">
<requireany>
require all denied
require ip 192.168.36.1
</requireany>
SetHandler server-status
</Location>
ExtendedStatus On
共勉!
