Cloud computing course outline notes in class learning paths: Apache access control:
========================================================
First, the type of directory access control
-
Set the directory properties
-
Host Based
- Based on user
Second, host-based access control
Preparing the environment
[root@aliyun ~]# rm -rf /var/www/edusoho/web/download/*
[root@aliyun ~]# echo "download....." > /var/www/edusoho/web/download/1.html
Only http 2.4+
Case 1: allow all hosts access
<Directory "/var/www/edusoho/web/download">
AllowOverride None
Require all granted
</Directory>
AllowOverride All allows for covering subheadings in the current set .htaccess
AllowOverride None setting overrides are not allowed in .htaccess subheadings in the current settings
Case 2: only allow access segment 192.168.5.0/24,192.168.10.0/24
<Directory "/var/www/edusoho/web/download">
AllowOverride None
Require ip 202.106.0.0/24
Require ip 114.248.160.203
</Directory>
Case 3: Only refuse access to certain hosts
<Directory "/var/www/edusoho/web/download">
AllowOverride None
<RequireAll>
Require not ip 114.248.160.203
Require all granted
</RequireAll>
</Directory>
Third, the user-based access: requires a user name and password to access
== using unformatted text files
- Establish password file
[root@tianyun ~]# htpasswd -cm /etc/httpd/conf/webpasswd user1
New password: password
Re-type new password: re-enter the password
Adding password for user user1
-c create
-m MD5
[root@tianyun ~]# cat /etc/httpd/conf/webpasswd
user1:$apr1$tkLV4/..$BL2nd2Wbx4I5ZAf5uv8ZS.
[root@tianyun ~]# htpasswd -m /etc/httpd/conf/webpasswd user2
- Configuration Support Certification
<Directory "/var/www/edusoho/web/download">
AllowOverride None
Require all granted
AuthType Basic
AuthName "welcome to tianyun.me..."
AuthUserFile /etc/httpd/webpasswd
Require valid-user
</Directory>
Fourth, for file access control
Not allowed to execute .php files in / var / www / edusoho / web / upload directory
<Directory /webroot/baidu/upload>
AllowOverride None
Require all granted
<Files ~ ".php$" >
Order allow,deny
Deny from all
</Files>
</Directory>