nginx实现网站过滤
用户访问控制,指在访问网站的时候,会有认证;模块是不需要安装的。
实验环境:
操作系统:CentOS 7
服务器:192.168.184.137
nginx版本:nginx-1.16.1
nginx的网站过滤步骤如下:
1、关闭防火墙和selinux
[root@localhost ~]# systemctl stop firewalld # 关闭防火墙
[root@localhost ~]# systemctl disable firewalld # 开机自动关闭防火墙
[root@localhost ~]# setenforce 0 # 临时关闭selinux
[root@localhost ~]# vim /etc/selinux/config # 永久关闭selinux,要重启机器才生效(reboot)
SELINUX=disabled # 将enforcing修改为disabled
2、配置基础的nginx环境
[root@localhost ~]# yum -y install gcc make zlib-devel pcre pcre-devel openssl-devel
[root@localhost ~]# yum -y install net-tools wget lsof httpd-tools
[root@localhost ~]# wget http://nginx.org/download/nginx-1.16.1.tar.gz
[root@localhost ~]# tar xf nginx-1.16.1.tar.gz
[root@localhost ~]# cd nginx-1.16.1
[root@localhost nginx-1.16.1]# ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx
[root@localhost nginx-1.16.1]# make && make install
[root@localhost nginx-1.16.1]# cd
3、修改配置文件(/usr/local/nginx/conf/nginx.conf)
[root@localhost ~]# vim /usr/local/nginx/conf/nginx.conf
43 location / {
44 root /web/html; #新创建目录(大概在44行)
45 index index.html index.htm;
46 auth_basic "please input username and password"; #提示语句
47 auth_basic_user_file /usr/local/nginx/passwd.db; #存放信息的文件
48 }
4、在/web/html/创建测试文件
[root@localhost ~]# mkdir -p /web/html
[root@localhost ~]# cd /web/html/
[root@localhost html]# vim index.html
<html>
<body>
<p>i am 192.168.184.137's testing page</p>
<p>nginx tomcat</p>
<p>i am nginx</p>
<p>welcome to nginx</p>
<p>you can write</p>
</body>
</html>
[root@localhost html]# cd
5、创建可以访问的用户名和密码
[root@localhost ~]# htpasswd -c /usr/local/nginx/passwd.db zhangsan #添加用户张三
New password: #密码为123
Re-type new password:
Adding password for user tom
[root@localhost ~]#
6、二进制启动nginx,重新加载(reload)
[root@localhost ~]# /usr/local/nginx/sbin/nginx
[root@localhost ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost ~]# /usr/local/nginx/sbin/nginx -s reload
7、浏览器测试 — 192.168.184.137
访问页面会弹出授权验证框,验证我们创建的用户和密码,即可登录,看到以下页面。