11月15日任务
11.18 Apache用户认证
11.19/11.20 域名跳转
11.21 Apache访问日志
11.18 Apache用户认证
- vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf //把123.com那个虚拟主机编辑成如下内容
- <VirtualHost *:80>
- DocumentRoot "/data/wwwroot/www.123.com"
- ServerName www.123.com
- <Directory /data/wwwroot/www.123.com> //指定认证的目录
- AllowOverride AuthConfig //这个相当于打开认证的开关
- AuthName "123.com user auth" //自定义认证的名字,作用不大
- AuthType Basic //认证的类型,一般为Basic,其他类型阿铭没用过
- AuthUserFile /data/.htpasswd //指定密码文件所在位置
- require valid-user //指定需要认证的用户为全部可用用户
- </Directory>
- </VirtualHost>
- /usr/local/apache2.4/bin/htpasswd -cm /data/.htpasswd aming
- 重新加载配置-t , graceful
- 绑定hosts,浏览器测试
- curl -x127.0.0.1:80 www.123.com //状态码为401
- curl -x127.0.0.1:80 -uaming:passwd www.123.com //状态码为200
[root@zgxlinux-01 ~]# vim /usr/local/apache2.4.37/conf/extra/httpd-vhosts.conf
[root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/htpasswd -c -m /data/.htppasswd zhangguoxiang #-c 创建 -m 表示md5加密
[root@zgxlinux-01 ~]# cat /data/.htppasswd
zhangguoxiang:$apr1$RKbRex0f$R0QtyiT0EuEsfJmxwSwhl0
[root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/htpasswd -m /data/.htppasswd zhangsan #这时候不需要指定-c 因为这个文件已经创建过
New password:
Re-type new password:
Adding password for user zhangsan
[root@zgxlinux-01 ~]# cat /data/.htppasswd
zhangguoxiang:$apr1$RKbRex0f$R0QtyiT0EuEsfJmxwSwhl0
zhangsan:$apr1$q/7YWXFI$OQJYI5OfO8in3KdDYi.Eo1
[root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/apachectl -t
Syntax OK
[root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/apachectl graceful
[root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/apachectl graceful
[root@zgxlinux-01 ~]# curl -x127.0.0.1:80 111.com
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>Unauthorized</h1>
<p>This server could not verify that you
are authorized to access the document
requested. Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
</body></html>
#针对单文件操作
- 还可以针对单个文件进行认证
- <VirtualHost *:80>
- DocumentRoot "/data/wwwroot/www.123.com"
- ServerName www.123.com
- <FilesMatch admin.php>
- AllowOverride AuthConfig
- AuthName "123.com user auth"
- AuthType Basic
- AuthUserFile /data/.htpasswd
- require valid-user
- </FilesMatch>
- </VirtualHost>
#创建一个123pho
[root@zgxlinux-01 ~]# vim /data/wwwroot/111.com/123.php
11.19 、域名跳转
- 需求,把123.com域名跳转到www.123.com,配置如下:
- <VirtualHost *:80>
- DocumentRoot "/data/wwwroot/www.123.com"
- ServerName www.123.com
- ServerAlias 123.com
- <IfModule mod_rewrite.c> //需要mod_rewrite模块支持
- RewriteEngine on //打开rewrite功能
- RewriteCond %{HTTP_HOST} !^www.123.com$ //定义rewrite的条件,主机名(域名)不是www.123.com满足条件
- RewriteRule ^/(.*)$ http://www.123.com/$1 [R=301,L] //定义rewrite规则,当满足上面的条件时,这条规则才会执行
- </IfModule>
- </VirtualHost>
- /usr/local/apache2/bin/apachectl -M|grep -i rewrite //若无该模块,需要编辑配置文件httpd.conf,删除rewrite_module (shared) 前面的#
- curl -x127.0.0.1:80 -I 123.com //状态码为301
#编辑配置文件 /usr/local/apache2.4.37/conf/extra/httpd-vhosts.conf ,301表示永久跳转
[root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/apachectl -t
Syntax OK
[root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/apachectl graceful
[root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/apachectl -M |grep rewrite
[root@zgxlinux-01 ~]# vim /usr/local/apache2.4.37/conf/httpd.conf #修改配置文件,注释这一行,加载module模块。
[root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/apachectl -M |grep rewrite
rewrite_module (shared)
[root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/apachectl -t
Syntax OK
[root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/apachectl graceful
[root@zgxlinux-01 ~]# curl -x192.168.56.128:80 2111.com.cn -I #-I表示不显示结果而显示状态码
HTTP/1.1 301 Moved Permanently
Date: Sat, 17 Nov 2018 09:43:04 GMT
Server: Apache/2.4.37 (Unix) PHP/5.6.32
Location: http://www.111.com/
Content-Type: text/html; charset=iso-8859-1
[root@zgxlinux-01 ~]# curl -x192.168.56.128:80 2111.com.cn
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.111.com/">here</a>.</p>
</body></html>
11.21 、Apache访问日志
- 访问日志记录用户的每一个请求
- vim /usr/local/apache2.4/conf/httpd.conf //搜索LogFormat
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
- 把虚拟主机配置文件改成如下:
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
ServerAlias 123.com
CustomLog "logs/123.com-access_log" combined
</VirtualHost>
- 重新加载配置文件 -t,graceful
- curl -x127.0.0.1:80 -I 123.com
- tail /usr/local/apache2.4/logs/123.com-access_lo
[root@zgxlinux-01 ~]# ls /usr/local/apache2.4.37/logs/
111.com-access_log abc.com-access_log access_log httpd.pid
111.com-error_log abc.com-error_log error_log
[root@zgxlinux-01 ~]# vim /usr/local/apache2.4.37/conf/httpd.conf
[root@zgxlinux-01 ~]# vim /usr/local/apache2.4.37/conf/extra/httpd-vhosts.conf
