Linux9.7 Apache用户认证
一般管理员登录页面,都需要一个用户认证。
vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf //把123.com那个虚拟主机编辑成如下内容
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
<Directory /data/wwwroot/www.123.com> //指定认证的目录
AllowOverride AuthConfig //这个相当于打开认证的开关
AuthName "123.com user auth" //自定义认证的名字,作用不大
AuthType Basic //认证的类型,一般为Basic,其他类型没用过
AuthUserFile /data/.htpasswd //指定密码文件所在位置,存用户名密码的文件
require valid-user //指定需要认证的用户为全部可用用户,用户名文件定义的用户
</Directory>
</VirtualHost>
创建文件及用户密码, chyuanliu 123qwe
[root@chy002 ~]# /usr/local/apache2.4/bin/htpasswd -cm /data/.htpasswd chyuanliu New password: Re-type new password: Adding password for user chyuanliu
重新加载配置-t , graceful
在Linux平台curl命令测试
[root@chy002 ~]# curl 111.com <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>401 Unauthorized</title> </head><body> <h1>Unauthorized</h1> <p>This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.</p> </body></html> #状态码为401
[root@chy002 ~]# curl -x127.0.0.1:80 -uchyuanliu:123qwe 111.com 111.com #加入用户名和密码后正确输出
如果已经创建过一次,则不需要-c参数
[root@localhost apache2.4]# cat /data/.htpasswd chyuanliu:$apr1$bGodUR4c$XrVvHC1yzwCaat51A2Clg1 [root@localhost apache2.4]# /usr/local/apache2.4/bin/htpasswd -m /data/.htpasswd chyuanliu001 New password: Re-type new password: Adding password for user chyuanliu001 [root@localhost apache2.4]# cat /data/.htpasswd chyuanliu:$apr1$bGodUR4c$XrVvHC1yzwCaat51A2Clg1 chyuanliu001:$apr1$HwgPZ8KI$5FeZ/0Q0wTOOW9n/XjKPz1
windows绑定hosts,浏览器测试
针对单个文件进行认证
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
<FilesMatch admin.php>
AllowOverride AuthConfig
AuthName "111.com user auth"
AuthType Basic
AuthUserFile /data/.htpasswd
require valid-user
</FilesMatch>
</VirtualHost>
