apache认证
有时候某些目录下的文件需要增加认证,Apache缺省的认证模块都是很完备的,以下就是一个通过.htaccess文件增加用户认证的例子。即使对于虚拟主机用户也可以通过上传一些文件来实现认证控制。
<VirtualHost *:52147>
ServerAdmin [email]webmaster@xxx.com.cn[/email]
DocumentRoot /data/mrtgwww/
ServerName mrtg.xxc.com.cn
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
<Directory /data/mrtgwww/>
Options Indexes FollowSymLinks
AllowOverride AuthConfig
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
首先用htpasswd创建一个密码文件:比如文件名叫做my.passwd
/home/apache/bin/htpasswd -c -b my.passwd myusername mypassword
如果增加帐号:
/home/apache/bin/htpasswd -b my.passwd anotherusername anotherpassword
将my.passwd上传到一个非发布路径下。
比如你的物理WEB根目录的上一级
/home/apache/conf/my.passwd
创建 .htaccess
AuthName "My Authorization Directory"
AuthType Basic
AuthUserFile /home/apache/conf/my.passwd
Require valid-user
将这个文件上传到你需要进行用户认证的目录:
/home/apache/htdocs/admin/.htaccess
这样这个目录的访问就需要认证了。
-c 创建密码文件
[root@HOTRM-NJ1 bin]# ./htpasswd --help
Usage:
htpasswd [-cmdpsD] passwordfile username
htpasswd -b[cmdpsD] passwordfile username password
htpasswd -n[mdps] username
htpasswd -nb[mdps] username password
-c Create a new file.
-n Don't update file; display results on stdout.
-m Force MD5 encryption of the password.
-d Force CRYPT encryption of the password (default).
-p Do not encrypt the password (plaintext).
-s Force SHA encryption of the password.
-b Use the password from the command line rather than prompting for it.
-D Delete the specified user.
vi httpd.conf
Alias /ganglia "/Data/webapps/monitor.360quan.com/ganglia"
<Directory "/Data/webapps/monitor.360quan.com/ganglia">
Options None
AllowOverride None
Order allow,deny
Allow from all
AuthName "Ganglia Access"
AuthType Basic
AuthUserFile /Data/apps/httpd-2.2.8/conf/my.passwd
#AuthUserFile /Data/apps/nagios/etc/htpasswd.users
Require valid-user
</Directory>
有时候某些目录下的文件需要增加认证,Apache缺省的认证模块都是很完备的,以下就是一个通过.htaccess文件增加用户认证的例子。即使对于虚拟主机用户也可以通过上传一些文件来实现认证控制。
<VirtualHost *:52147>
ServerAdmin [email]webmaster@xxx.com.cn[/email]
DocumentRoot /data/mrtgwww/
ServerName mrtg.xxc.com.cn
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
<Directory /data/mrtgwww/>
Options Indexes FollowSymLinks
AllowOverride AuthConfig
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
首先用htpasswd创建一个密码文件:比如文件名叫做my.passwd
/home/apache/bin/htpasswd -c -b my.passwd myusername mypassword
如果增加帐号:
/home/apache/bin/htpasswd -b my.passwd anotherusername anotherpassword
将my.passwd上传到一个非发布路径下。
比如你的物理WEB根目录的上一级
/home/apache/conf/my.passwd
创建 .htaccess
AuthName "My Authorization Directory"
AuthType Basic
AuthUserFile /home/apache/conf/my.passwd
Require valid-user
将这个文件上传到你需要进行用户认证的目录:
/home/apache/htdocs/admin/.htaccess
这样这个目录的访问就需要认证了。
-c 创建密码文件
[root@HOTRM-NJ1 bin]# ./htpasswd --help
Usage:
htpasswd [-cmdpsD] passwordfile username
htpasswd -b[cmdpsD] passwordfile username password
htpasswd -n[mdps] username
htpasswd -nb[mdps] username password
-c Create a new file.
-n Don't update file; display results on stdout.
-m Force MD5 encryption of the password.
-d Force CRYPT encryption of the password (default).
-p Do not encrypt the password (plaintext).
-s Force SHA encryption of the password.
-b Use the password from the command line rather than prompting for it.
-D Delete the specified user.
vi httpd.conf
Alias /ganglia "/Data/webapps/monitor.360quan.com/ganglia"
<Directory "/Data/webapps/monitor.360quan.com/ganglia">
Options None
AllowOverride None
Order allow,deny
Allow from all
AuthName "Ganglia Access"
AuthType Basic
AuthUserFile /Data/apps/httpd-2.2.8/conf/my.passwd
#AuthUserFile /Data/apps/nagios/etc/htpasswd.users
Require valid-user
</Directory>
