linux-apache安装实现用户登录身份验证

Apache 服务器

协议

1.       http 明文传递

版本

1) 1.0 一次连接一次请求

2) 1.1 一次连接多次请求

2.       https使用 mod_ssl 加密传输的；端口号443

 

安装apache，实现登陆用户的身份验证

1.       安装apache

[root@apache-server ~]# vim /etc/hosts

--给主机hostname定义个别名

# Do not remove the following line, or various programs

# that require network functionality will fail.

127.0.0.1               localhost.localdomain localhost apacheserver

::1             localhost6.localdomain6 localhost6

[root@apache-server ~]# mount /dev/cdrom /mnt/cdrom

[root@apache-server ~]# cd /mnt/cdrom/Server/

--需要安装包

[root@apache-server Server]# ll http*

-r--r--r-- 55 root root 1270589 2008-12-11 httpd-2.2.3-22.el5.i386.rpm

-r--r--r-- 63 root root  151651 2008-12-11 httpd-devel-2.2.3-22.el5.i386.rpm

-r--r--r-- 55 root root  852783 2008-12-11 httpd-manual-2.2.3-22.el5.i386.rpm

[root@apache-server Server]# yum install httpd*

[root@apache-server ~]# yum list installed |grep httpd*

 

2.查看安装形成的文件和配置文件

[root@apache-server Server]# rpm –ql httpd

--查看可以编辑的配置文件

[root@apache-server Server]# rpm -qc httpd

--配置文件包含conf.d/中的所有.conf 文件和conf/httpd.conf

--访问日志存放地点

#cd /var/log/httpd/

#cd /etc/httpd/modules

==/usr/lib/httpd/modules/

[root@apache-server httpd]# ll /usr/sbin/httpd

-rwxr-xr-x 1 root root 315284 Nov 12  2008 /usr/sbin/httpd

 

 

3.httpd进程号

[root@apache-server httpd]# pwd

/etc/httpd

[root@apache-server httpd]# cat run/httpd.pid

858

[root@apache-server httpd]# service httpd status

httpd (pid 867 866 865 863 862 861 860 859 858) is running...

[root@apache-server httpd]#

[root@apache-server sbin]# grep apache /etc/passwd

apache:x:48:48:Apache:/var/www:/sbin/nologin

--防止被*** nologin

[root@localhost ~]# ps -aux |grep apache

Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.7/FAQ

apache    1556  0.0  0.5  10544  2700 ?        S    22:53   0:00 /usr/sbin/httpd

apache    1557  0.0  0.5  10544  2700 ?        S    22:53   0:00 /usr/sbin/httpd

apache    1558  0.0  0.5  10544  2648 ?        S    22:53   0:00 /usr/sbin/httpd

apache    1559  0.0  0.5  10544  2700 ?        S    22:53   0:00 /usr/sbin/httpd

apache    1560  0.0  0.4  10544  2104 ?        S    22:53   0:00 /usr/sbin/httpd

apache    1562  0.0  0.5  10544  2644 ?        S    22:53   0:00 /usr/sbin/httpd

apache    1563  0.0  0.5  10544  2648 ?        S    22:53   0:00 /usr/sbin/httpd

apache    1564  0.0  0.4  10544  2104 ?        S    22:53   0:00 /usr/sbin/httpd

root      1627  0.0  0.0   1836   504 pts/4    S+   23:11   0:00 grep apache

[root@localhost ~]#

 

4.apache的模块.

--查看模块

[root@apache-server sbin]# cd /etc/httpd/

[root@apache-server httpd]# httpd -l

Compiled in modules:

  core.c

  prefork.c

  http_core.c

  mod_so.c

[root@apache-server httpd]#

[root@apache-server httpd]# setup

Security disabled 安全级别要关闭

--不允许打开非标准端口的

 

5.编辑主配置文件

[root@apache-server httpd]# vim conf/httpd.conf

210 Include conf.d/*.conf

274 UseCanonicalName Off

#打开这个UseCanonicalName是Web服务器的标准做法，因为客户发送的大部分请求都是对#本服务器的引用，这样服务器就能使用ServerName和Port选项的设置内容构建完整的#URL，并回应客户，使浏览器能得到规范的URL。如果将这个参数设置为Off，那么Apache

#将使用从客户请求中获得服务器的名字和端口值（支持HTTP 1.1的客户的请求中将会有这#些信息），重新构建URL。

 

281 DocumentRoot "/var/www/html"

 

291 <Directory />

292     Options FollowSymLinks

293     AllowOverride None

294 </Directory>

 

--开启验证

[root@apache-server html]# vim /etc/httpd/conf/httpd.conf

306 <Directory "/var/www/html">

327     AllowOverride all

--来源控制 allow 和deny 的前后顺序使用不一样 访问也限制也会不一样

332     Order allow,deny

333     Allow from all

#deny from 192.168.101.100

--登陆验证信息存放文件

335 </Directory>

398 AccessFileName .htaccess

 

6.访问apache

[root@apache-server httpd]# links 127.0.0.1

[root@apache-server html]# cd /var/www/html/

[root@apache-server html]# vim index.html

[root@apache-server html]# links 192.168.101.80:/index.html

                                               http://192.168.101.80/index.html

   hello word!                                                                 

 --默认欢迎页面                                                                          

[root@apache-server html]# ll /etc/httpd/conf.d

-rw-r--r-- 1 root root 299 Nov 12  2008 welcome.conf

[root@apache-server html]#

 

                                                             

7.创建身份验证的用户

--身份验证的说明

[root@localhost html]# vim index.html

hello my auth..test!

[root@apache-server html]# pwd

/var/www/html

[root@apache-server html]# vim .htaccess

authuserfile /var/www/html/.passwd

authtype basic

authname "please input your name add your passwd:"

require zhangsan,lisi,wangwu

#require valid-user

 

8.在.htaccess 同个web主目录建账号文件

[root@apache-server html]# htpasswd

-c  Create a new file.

 -n  Don't update file; display results on stdout.

 -m  Force MD5 encryption of the password.

 -d  Force CRYPT encryption of the password (default).

 -p  Do not encrypt the password (plaintext).

 -s  Force SHA encryption of the password.

 -b  Use the password from the command line rather than prompting for it.

 -D  Delete the specified user.

[root@apache-server html]# htpasswd -c .passwd zhangsan

[root@apache-server html]# htpasswd .passwd lisi      

[root@apache-server html]# cat .passwd

zhangsan:KeB.Yh7Tfn9dA

lisi:3GR28hIvQT/J.

--不是系统的账号，仅是apache内部站点的账号

 

9.实现身份验证测试

 

 

 

 

转载于:https://blog.51cto.com/sweetsingle/741823