linux-apache安裝實現用戶登錄身份驗證

Apache 伺服器

協議

1. http 明文傳遞

版本

1) 1.0 一次連接一次請求

2) 1.1 一次連接多次請求

2. https使用 mod_ssl 加密傳輸的；埠號443

安裝

apache,實現登陸用戶的身份驗證

1. 安裝apache

[root@apache-server ~]# vim /etc/hosts

--給主機hostname定義個別名

# Do not remove the following line, or various programs

# that require network functionality will fail.

127.0.0.1 localhost.localdomain localhost apacheserver

::1 localhost6.localdomain6 localhost6

[root@apache-server ~]# mount /dev/cdrom /mnt/cdrom

[root@apache-server ~]# cd /mnt/cdrom/Server/

--需要安裝包

[root@apache-server Server]# ll http*

-r--r--r-- 55 root root 1270589 2008-12-11 httpd-2.2.3

-22.el5.i386.rpm

-r--r--r-- 63 root root 151651 2008-12-11 httpd-devel-2.2.3-22.el5.i386.rpm

-r--r--r-- 55 root root 852783 2008-12-11 httpd-manual-2.2.3-22.el5.i386.rpm

[root@apache-server Server]# yum install httpd*

[root@apache-server ~]# yum list installed |grep httpd*

2.查看安裝形成的文件和配置文件

[root@apache-server Server]# rpm –ql httpd

--查看可以編輯的配置文件

[root@apache-server Server]# rpm -qc httpd

--配置文件包含conf.d/中的所有.conf 文件和conf/httpd.conf

--訪問日誌存放地點

#cd /var/log/httpd/

#cd /etc/httpd/modules

==/usr/lib/httpd/modules/

[root@apache-server httpd]# ll /usr/sbin/httpd

-rwxr-xr-x 1 root root 315284 Nov 12 2008 /usr/sbin/httpd

3.httpd進程號

[root@apache-server httpd]# pwd

/etc/httpd

[root@apache-server httpd]# cat run/httpd.pid

858

[root@apache-server httpd]# service httpd status

httpd (pid 867 866 865 863 862 861 860 859 858) is running...

[root@apache-server httpd]#

[root@apache-server sbin]# grep apache /etc/passwd

apache:x:48:48:Apache:/var/www:/sbin/nologin

--防止被攻擊 nologin

[root@localhost ~]# ps -aux |grep apache

Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.7

/FAQ

apache 1556 0.0 0.5 10544 2700 ? S 22:53 0:00 /usr/sbin/httpd

apache 1557 0.0 0.5 10544 2700 ? S 22:53 0:00 /usr/sbin/httpd

apache 1558 0.0 0.5 10544 2648 ? S 22:53 0:00 /usr/sbin/httpd

apache 1559 0.0 0.5 10544 2700 ? S 22:53 0:00 /usr/sbin/httpd

apache 1560 0.0 0.4 10544 2104 ? S 22:53 0:00 /usr/sbin/httpd

apache 1562 0.0 0.5 10544 2644 ? S 22:53 0:00 /usr/sbin/httpd

apache 1563 0.0 0.5 10544 2648 ? S 22:53 0:00 /usr/sbin/httpd

apache 1564 0.0 0.4 10544 2104 ? S 22:53 0:00 /usr/sbin/httpd

root 1627 0.0 0.0 1836 504 pts/4 S

23:11 0:00 grep apache

[root@localhost ~]#

4.apache的模塊.

--查看模塊

[root@apache-server sbin]# cd /etc/httpd/

[root@apache-server httpd]# httpd -l

Compiled in modules:

core.c

prefork.c

http_core.c

mod_so.c

[root@apache-server httpd]#

[root@apache-server httpd]# setup

Security disabled 安全級別要關閉

--不允許打開非標準埠的

5.編輯主配置文件

[root@apache-server httpd]# vim conf/httpd.conf

210 Include conf.d/*.conf

274 UseCanonicalName Off

#打開這個UseCanonicalName是Web伺服器的標準做法,因為客戶發送的大部分請求都是對#本伺服器的引用,這樣伺服器就能使用ServerName和Port選項的設置內容構建完整的#URL,並回應客戶,使瀏覽器能得到規範的URL.如果將這個參數設置為Off,那麼Apache

#將使用從客戶請求中獲得伺服器的名字和埠值（支持HTTP 1.1的客戶的請求中將會有這#些信息）,重新構建URL.

281 DocumentRoot "/var/www/html"

291 <Directory />

292 Options FollowSymLinks

293 AllowOverride None

294 </Directory>

--開啟驗證

[root@apache-server html]# vim /etc/httpd/conf/httpd.conf

306 <Directory "/var/www/html">

327 AllowOverride all

--來源控制 allow 和deny 的前後順序使用不一樣 訪問也限制也會不一樣

332 Order allow,deny

333 Allow from all

#deny from 192.168.101.100

--登陸驗證信息存放文件

335 </Directory>

398 AccessFileName .htaccess

6.訪問apache

[root@apache-server httpd]# links 127.0.0.1

[root@apache-server html]# cd /var/www/html/

[root@apache-server html]# vim index.html

[root@apache-server html]# links 192.168.101.80:/index.html

http://192.168.101.80/index.html

hello word!

--默認歡迎頁面

[root@apache-server html]# ll /etc/httpd/conf.d

-rw-r--r-- 1 root root 299 Nov 12 2008 welcome.conf

[root@apache-server html]#

7.創建身份驗證的用戶

--身份驗證的說明

[root@localhost html]# vim index.html

hello my auth..test!

[root@apache-server html]# pwd

/var/www/html

[root@apache-server html]# vim .htaccess

authuserfile /var/www/html/.passwd

authtype basic

authname "please input your name add your passwd:"

require zhangsan,lisi,wangwu

#require valid-user

8.在.htaccess 同個web主目錄建賬號文件

[root@apache-server html]# htpasswd

-c Create a new file.

-n Don't update file; display results on stdout.

-m Force MD5 encryption of the password.

-d Force CRYPT encryption of the password (default).

-p Do not encrypt the password (plaintext).

-s Force SHA encryption of the password.

-b Use the password from the command line rather than prompting for it.

-D Delete the specified user.

[root@apache-server html]# htpasswd -c .passwd zhangsan

[root@apache-server html]# htpasswd .passwd lisi

[root@apache-server html]# cat .passwd

zhangsan:KeB.Yh7Tfn9dA

lisi:3GR28hIvQT/J.

--不是系統的賬號,僅是apache內部站點的賬號

9.實現身份驗證測試

本文出自 「一抹茶色陽光」 博客,請務必保留此出處http://sweetsingle.blog.51cto.com/3429592/741823

Tags: linux system 系統