5.Apache user authentication, domain jump, access log

Source: Internet
Author: User
Tags apache access log

[TOC]

Apache user authentication 11.18 Apache user authentication

The user authentication function is when the user visits the website, needs to enter the user name password to be able to access. Some of the better total site and site backstage will be added user authentication, to ensure security.

1. Under the face of xavi.com site to do a full-site user authentication:
vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf //把xavi.com那个虚拟主机编辑成如下内容<VirtualHost *:80>    DocumentRoot "/data/wwwroot/xavi.com"    ServerName xavi.com    <Directory /data/wwwroot/xavi.com> //指定认证的目录        AllowOverride AuthConfig //这个相当于打开认证的开关        AuthName "xavi.com user auth" //自定义认证的名字,作用不大        AuthType Basic //认证的类型,一般为Basic,其他类型阿铭没用过        AuthUserFile /data/.htpasswd  //指定密码文件所在位置        require valid-user //指定需要认证的用户为全部可用用户    </Directory></VirtualHost>
2. Create password htpasswd command

Before you create a password file, understand the HTPASSWD command:
The HTPASSWD command is an Apache Web server built-in tool for creating and updating password files that store user names, domains, and user Basic authentication.

[[email protected] ~]# /usr/local/apache2.4/bin/htpasswd -c -m /data/.htpasswd xaviNew password: Re-type new password: Adding password for user xavi[[email protected] ~]# ls /data/.htpasswd/data/.htpasswd[[email protected] ~]# cat !$cat /data/.htpasswdxavi:$apr1$WKpg/kJm$gLaC.HA8/GbaF8g/fSVx/1
2.1 Create a user again, reload the configuration-t,graceful
[[email protected] ~]# /usr/local/apache2.4/bin/htpasswd -m /data/.htpasswd lileiNew password: Re-type new password: Adding password for user lilei[[email protected] ~]# cat /data/.htpasswdxavi:$apr1$WKpg/kJm$gLaC.HA8/GbaF8g/fSVx/1lilei:$apr1$f8p3nVfN$gP/WTgkIpWPTqoTI8V31U1//重新加载配置-t,graceful[[email protected] ~]# /usr/local/apache2.4/bin/apachectl -tSyntax OK[[email protected] ~]# /usr/local/apache2.4/bin/apachectl graceful
2.2 Bind hosts, browser test, status code 401,curl-x127.0.0.1:80 xavi.com
[[email protected] ~]# curl -x127.0.0.1:80 xavi.com<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
[[email protected] ~]# curl -x127.0.0.1:80 xavi.com -IHTTP/1.1 401 UnauthorizedDate: Tue, 06 Mar 2018 14:50:18 GMTServer: Apache/2.4.29 (Unix) PHP/7.1.6WWW-Authenticate: Basic realm="xavi.com user auth"Content-Type: text/html; charset=iso-8859-1

3.CURL-X127.0.0.1:80-UAMING:PASSWD www.123.com//status code is 200
[[email protected] ~]# curl -x127.0.0.1:80 -uxavi:xavi2018 xavi.comxavi.com[[email protected] ~]#[[email protected] ~]# curl -x127.0.0.1:80 -uxavi:xavi2018 xavi.com -IHTTP/1.1 200 OKDate: Tue, 06 Mar 2018 15:12:44 GMTServer: Apache/2.4.29 (Unix) PHP/7.1.6X-Powered-By: PHP/7.1.6Content-Type: text/html; charset=UTF-8xavi.com[[email protected] ~]# curl -x127.0.0.1:80 -uxavi:xavi xavi.com<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
4. Single file for authentication 4.1 Add the following similar content (modified according to your own directory) in the configuration file:
[[email protected] ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf

4.2 Reload Configuration-t,graceful
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl -tSyntax OK[[email protected] ~]# /usr/local/apache2.4/bin/apachectl graceful
4.3 Edit a 123.php file and certify
[[email protected] ~]# vim /data/wwwroot/xavi.com/123.php

10.19 Domain Jump

301 Domain Jump

1 Configuring the Domain name Jump vim/usr/local/apache2.4/conf/extra/httpd-vhosts.conf

A domain jump is similar to redirecting a Web page to another site, but the difference is that the domain jump transfers the domain name itself back to the site instead of using HTML or scripting to redirect it. When the domain name is set to jump to another site, the address of the domain name will not remain in the browser's URL bar, and the column will show the URL of the new page. If you want to keep the URLs in this column, you need to use stealth jumps.

<VirtualHost *:80>    DocumentRoot "/data/wwwroot/xavi.com"    ServerName xavitest.com    ServerAlias www.example.com www.xavi.com    <IfModule mod_rewrite.c>          //需要mod_rewrite模块支持        RewriteEngine on                   //打开rewrite功能        RewriteCond %{HTTP_HOST} !^xavitest.com$     //定义rewrite的条件,主机名(域名)不是xavitest.com满足条件                RewriteRule ^/(.*)$ http://xavitest.com/$1 [R=301,L]     //定义rewrite规则:当满足上面条件时才执行当前规则,即跳转到xavitest.com。状态码301表示永久跳转;302表示临时跳转。L表示last,执行一次,^表示非,(.*)表示123.php,$1表示第一个方括号   </IfModule>    ErrorLog "logs/xavi.example.com-error_log"    CustomLog "logs/xavi.example.com-access_log" common</VirtualHost>

<VirtualHost *:80>     DocumentRoot "/data/wwwroot/xavi.com"    ServerName xavi.com    ServerAlias www.example.com    <IfModule mod_rewrite.c>        RewriteEngine on        RewriteCond %{HTTP_HOST} !^xavi.com$        RewriteRule ^/(.*)$ http://www.xavi.com/$1 [R=301,L]   </IfModule>        ErrorLog "logs/xavi-error_log"    CustomLog "logs/xavi-access_log" common</VirtualHost>
Check for errors, open the HTTPD service, reload the configuration-t,graceful
[[email protected] ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf[[email protected] ~]# /usr/local/apache2.4/bin/apachectl -tSyntax OK[[email protected] ~]# /usr/local/apache2.4/bin/apachectl gracefulhttpd not running, trying to start[[email protected] ~]# /usr/local/apache2.4/bin/apachectl starthttpd (pid 3152) already running[[email protected] ~]# /usr/local/apache2.4/bin/apachectl graceful
2. Modify the httpd.conf file
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl -M |grep rewrite[[email protected] ~]# vim /usr/local/apache2.4/conf/httpd.confLoadModule rewrite_module modules/mod_rewrite.so     //去掉#,以启用这个模块

/usr/local/apache2/bin/apachectl-m|grep-i rewrite//If no module is required, edit the configuration file
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl -tSyntax OK[[email protected] ~]# /usr/local/apache2.4/bin/apachectl graceful[[email protected] ~]# /usr/local/apache2.4/bin/apachectl -M |grep rewrite rewrite_module (shared)[[email protected] ~]# /usr/local/apache2.4/bin/apachectl graceful
3. Test whether the jump was successful

80 ports with a few colons is the start of several network cards

curl-x192.168.122.1:80 Www.example.com-I//-i can view results directly
[[email protected] ~]# curl -x192.168.122.1:80 www.example.com -IHTTP/1.1 301 Moved PermanentlyDate: Wed, 07 Mar 2018 13:43:47 GMTServer: Apache/2.4.29 (Unix) PHP/7.1.6Location: http://www.xavi.com/Content-Type: text/html; charset=iso-8859-1
[[email protected] ~]# curl -x192.168.122.1:80 www.example.com<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
4. Status Code summary 301,200,40111.21 Apache access log 1. Apache Access Log Location:
[[email protected] ~]#  ls /usr/local/apache2.4/logs/abcd-access_log      abcd-error_log  httpd.pid            xavi.com-error_logabcd.com-access_log  access_log      xavi-access_log      xavi-error_logabcd.com-error_log   error_log       xavi.com-access_log[[email protected] ~]# ls /usr/local/apache2.4/logs/xavi.com-access_log/usr/local/apache2.4/logs/xavi.com-access_log[[email protected] ~]# cat !$

2. View Log format 2.1 in httpd.conf search Logformat
[[email protected] ~]# vim /usr/local/apache2.4/conf/httpd.conf<IfModule log_config_module>    #    # The following directives define some format nicknames for use with    # a CustomLog directive (see below).    #    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined    LogFormat "%h %l %u %t \"%r\" %>s %b" common    <IfModule logio_module>
Combined and common two formats, by default using common format, referer the last visited URL. 3. The format of the change log is combined
[[email protected] ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf<IfModule mod_rewrite.c>        RewriteEngine on        RewriteCond %{HTTP_HOST} !^xavi.com$        RewriteRule ^/(.*)$ http://www.xavi.com/$1 [R=301,L]   </IfModule>        ErrorLog "logs/xavi-error_log"    CustomLog "logs/xavi-access_log" combined</VirtualHost>

View Log files: Cat/usr/local/apache2.4/logs/xavi-access_log

Reason log changes not previously found because the access name was incorrectly written

[[email protected] ~]# cat /usr/local/apache2.4/logs/xavi-access_log

5.Apache user authentication, domain jump, access log

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.