41, Apache user authentication, domain name jump, Apache access log

One, Apache user authentication

The function is that when users visit a website, they need to enter a user name and password to enter the site. Some important sites or websites are often authenticated by users to ensure security.

# vim/usr/local/apache2.4/conf/extra/httpd-vhosts.conf

<virtualhost *:80>

DocumentRoot "/data/wwwroot/111.com"

ServerName 111.com

Serveralias www.example.com

<Directory/data/wwwroot/111.com>//Designation of certified directories

AllowOverride authconfig//Turn on the certified switch

AuthName "111.com user auth"//Custom certified name, not very useful

AuthType Basic//authentication type, generally basic

AUTHUSERFILE/DATA/.HTPASSWD//Specify the location of the password file

Require Valid-user//specify that users who require authentication are all available users

</Directory>

Errorlog "Logs/111.com-error_log"

Customlog "Logs/111.com-access_log" common

</VirtualHost>

HTTPD configuration file configuration complete, create a password file:

#/usr/local/apache2.4/bin/htpasswd-c-M/DATA/.HTPASSWD MRX

New Password:

Re-type New Password:

Adding Password for user MRX

HTPASSWD command for the creation of the user's tool,-C creation (create),-m Specifies the password encryption method is MD5, plus the user name;

/DATA/.HTPASSWD for the password file, MRX for the user to create, the first time to execute the command needs to add-C;

second time When you create a new user, you don't have to add-C , otherwise the/data/.htpasswd file is reset and the previous user is emptied.

#/usr/local/apache2.4/bin/apachectl-t

Syntax OK

#/usr/local/apache2.4/bin/apachectl Graceful

# curl-x 127.0.0.1:80 111.com

<! DOCTYPE HTML PUBLIC "-//ietf//dtd HTML 2.0//en" >

<title> 401 unauthorized</title>

<p>this Server could not verify

is authorized to access the document

Requested. Either you supplied the wrong

credentials (e.g., bad password), or your

Browser doesn ' t understand how to supply

The Credentials required.</p>

</body>

    // 401 Status Code , which indicates that the content of the access needs to be authenticated by the user, the authentication is not 401, the pair is 200.

This 111.com can be accessed in a browser, provided that 111.com is added to the Windows Hosts file.

# curl-x 127.0.0.1:80-umrx:12345 111.com

111.com[[email protected] ~]#//access succeeded, status code 200.

-u: Specify user name and password

The above operation is the entire site to do certification, in fact, can also be for a directory or file certification, such as the www.111.com/admin/directory certification, only need to modify a place, the <directory/data/wwwroot/111.com/ admin/>; if it is a file, you need to change it:

#<directory/data/wwwroot/111.com>//Comment out

<filesmatch 123.php>

AllowOverride authconfig

AuthName "111.com User auth"

AuthType Basic

authuserfile/data/.htpasswd

Require Valid-user

</filesmatch>

#</directory>//Comment out

#/usr/local/apache2.4/bin/apachectl-t

Syntax OK

#/usr/local/apache2.4/bin/apachectl Graceful

# vim/data/wwwroot/111.com/123.php

<?php

echo "123,php";

# curl-x 127.0.0.1:80 111.com/123.php-i//This file will be accessed at this time 401

http/1.1 401 Unauthorized

Date:fri, APR 2018 10:26:40 GMT

server:apache/2.4.33 (Unix) php/7.1.6

Www-authenticate:basic realm= "111.com user auth"

content-type:text/html; Charset=iso-8859-1

Second, the domain name jump (domain redirection)

301 Status Code : Permanent redirect, Permanent jump. Transfer the weights.

The role of the domain jump:

1. A site with multiple domain names will have an impact on SEO.

2. If the previous domain name is no longer used, but the search engine still keep the old domain link before, meaning that users may search and click the old domain name, you need to make a jump to the old domain name, jump to a new domain name, so that users search for old domain name, you can jump directly to the new site.

# vim/usr/local/apache2.4/conf/extra/httpd-vhosts.conf

<virtualhost *:80>

DocumentRoot "/data/wwwroot/111.com"

ServerName 111.com

Serveralias www.example.com 2111.com.cn

<ifmodule mod_rewrite.c>//requires Mod_rewrite module support

Rewriteengine on//Open rewrite function

Rewritecond%{http_host}!^111.com$

//Define the conditions of the rewrite, when host name of the access (domain name) is not 111.com when the condition is met. Start with 111 ^, with COM end $ 's jump to 111.com.

Rewriterule ^/(. *)/([1-9]+) $ http://111.com/$1/$2 [r=301,l]

//define rewrite rules, this rule will only execute when the above conditions are met, jumping to 111.com,/(. *) means 111.com /123.php , 123.php is. *,$1 is the first parenthesis, the second curly brace, L: Jumps to the end only once. 302: Temporary redirect.

</IFModule>

Here are the settings in the configuration file for the new domain name.

#/usr/local/apache2.4/bin/apachectl-t

Syntax OK

#/usr/local/apache2.4/bin/apachectl Graceful

To see if the rewrite module is open before testing:

#/usr/local/apache2.4/bin/apachectl-m |grep Rewrite

Go to the main profile to open it:

# vim/usr/local/apache2.4/conf/httpd.conf

LoadModule Rewrite_module modules/mod_rewrite.so

Get rid of this line of #.

#/usr/local/apache2.4/bin/apachectl-t

Syntax OK

#/usr/local/apache2.4/bin/apachectl Graceful

#/usr/local/apache2.4/bin/apachectl-m |grep Rewrite

Rewrite_module (Shared)

The module loads well and starts testing:

# curl-x 127.0.0.1:80 2111.com.cn-i

http/1.1 301 Moved Permanently status code 301

Date:fri, APR 2018 12:17:18 GMT

server:apache/2.4.33 (Unix) php/7.1.6

location:http://111.com/

content-type:text/html; Charset=iso-8859-1

# curl-x 127.0.0.1:80 2111.com.cn

<! DOCTYPE HTML PUBLIC "-//ietf//dtd HTML 2.0//en" >

<title>301 Moved permanently</title>

<p>the Document has moved <a href= " http://111.com/ ">here</a>.</p>

</body>

Jumped to 111.com.

Third, Apache access log

<virtualhost *:80>

DocumentRoot "/data/wwwroot/111.com"

ServerName 111.com

Serveralias www.example.com 2111.com.cn

#<directory/data/wwwroot/111.com>

# <filesmatch 123.php>

# allowoverride Authconfig

# authname "111.com user auth"

# authtype Basic

# AUTHUSERFILE/DATA/.HTPASSWD

# Require Valid-user

# </FilesMatch>

#</directory>

<ifmodule mod_rewrite.c>

Rewriteengine on

Rewritecond%{http_host}!^111.com$

Rewriterule ^/(. *) $ http://111.com/$1 [r=301,l]

</IFModule>

Errorlog "Logs/111.com-error_log"

Customlog "logs/111.com-access_log" common

</VirtualHost>

Access log path for this virtual host: /usr/local/apache2.4/logs/ 111.com-access_log

127.0.0.1--[13/apr/2018:20:17:08 +0800] "GET HTTP://2111.com.cn/HTTP/1.1" 301 223

127.0.0.1--[13/apr/2018:20:17:18 +0800] "HEAD HTTP://2111.com.cn/HTTP/1.1" 301-

GET: No Add-i;head: Add-I, only show status code 301.

Http/1.1:http version; 301 Status Code, 223: size.

# vim/usr/local/apache2.4/conf/httpd.conf

Logformat "%h%l%u%t \"%r\ "%>s%b \"%{referer}i\ "\"%{user-agent}i\ "" combined

Logformat "%h%l%u%t \"%r\ "%>s%b" common

Two types of log formats, default common.

User-agent: User agent.

Referer:user-agent's previous step URL.

# vim/usr/local/apache2.4/conf/extra/httpd-vhosts.conf

<virtualhost *:80>

DocumentRoot "/data/wwwroot/111.com"

ServerName 111.com

Serveralias www.example.com 2111.com.cn

Errorlog "Logs/111.com-error_log"

Customlog "Logs/111.com-access_log" combined change format

</VirtualHost>

#/usr/local/apache2.4/bin/apachectl-t

Syntax OK

#/usr/local/apache2.4/bin/apachectl Graceful

# curl-x 127.0.0.1:80 111.com/123.php-i

# curl-x 127.0.0.1:80 111.com/123.php

# cat/usr/local/apache2.4/logs/111.com-access_log changes in format changed

127.0.0.1--[13/apr/2018:21:01:07 +0800] "GET HTTP://111.com/123.php http/1.1" 7 "-" "curl/7.29.0"

127.0.0.1--[13/apr/2018:21:02:40 +0800] "HEAD HTTP://111.com/123.php http/1.1"-"-" "curl/7.29.0"

curl/7.29.0: This is user-agent.

Extended

Apache Virtual host opens PHP's short tag http://ask.apelearn.com/question/5370

41, Apache user authentication, domain name jump, Apache access log