Full resolution of Apache Web server access control mechanism (1)

Bkjia.com exclusive Article] The Aapche server in Linux provides powerful access control functions. Users can choose to use configuration commands or. this document describes how to set the htaccess file.

1. Use common access control configuration commands for access control

1. configuration instructions

The configuration commands for Implementing Access Control in Apache include the following:

1) order command: used to specify the sequence in which access control rules are allowed or access control rules are denied. Order can only be set to Order allow, deny, Order deny, and allow, respectively, to indicate whether the user sets the allowed access address or the prohibited access address first. The Order option defines the default access permission and the processing sequence of Allow and Deny statements. The Allow and Deny statements can be used to set the domain name or IP address of the client to determine which clients can access the server. The specific meanings of the two values set in the Order statement are as follows:

◆ Allow and deny: by default, access from all clients is prohibited, and the Allow statement is matched before the Deny statement. If a condition matches both the Deny statement and the Allow statement, the Deny statement takes effect because the Deny statement overwrites the Allow statement ).

◆ Deny and allow: access from all clients is allowed by default, and the Deny statement is matched before the Allow statement. If a condition matches both the Deny statement and the Allow statement, the Allow statement takes effect because the Allow statement overwrites the Deny statement ).

2) allow command: Specify the allowed addresses or address sequences. For example, the allow from all command allows access requests from all IP addresses.

3) deny command: Specifies the address or Address Sequence of Access prohibited. For example, the deny from all command disables access requests from all IP addresses.

2. Application Instance

The following are a few simple examples to demonstrate the use of the above order, allow, and deny commands.

1) in the following example, all hosts in the admin.org domain are allowed to access the website, and access from other hosts not in the domain is denied, because Deny is in the front, Allow is in the back, the Allow statement overwrites the Deny statement:

 
 

  
  
Order Deny,Allow   
  
  
Deny from all  
  
  
Allow from admin.org  
 
 

2) In the following example, all hosts in the admin.org domain are allowed to access all the hosts except those in the db.admin.org subdomain. However, access to all hosts not in the admin.org domain is not allowed, because the default state is to Deny access to the server before Allow, and after Deny, the Deny statement overwrites the Allow statement ):

 
 

  
  
Order Allow,Deny  
  
  
Allow from admin.org  
  
  
Deny from db.admin.org