Original website: http://www.qyjohn.net/?p=1147
Assuming you've installed the Ubuntu 10.10 operating system and Apache, Access http://localhost/in the browser to see it works tips.
$ sudo a2enmod SSL
$ sudo mkdir/etc/apache2/ssl
$ sudo openssl req-new-x509-days 365-nodes-out/etc/apache2/ Ssl/apache.pem-keyout/etc/apache2/ssl/apache.key
Answer a bunch of questions and get your SSL certificate.
Modify a configuration file
$ sudo pico/etc/apache2/ports.conf
You can see two lines of configuration like this:
Namevirtualhost *:80
Listen 80
Add a line below it, where 127.0.0.1 can be replaced with your IP:
Namevirtualhost 127.0.0.1:443
Modify a configuration file again
$ sudo pico/etc/apache2/sites-available/default
Add a few lines of configuration at the end, where 127.0.0.1 can be replaced with your IP:
<virtualhost 127.0.0.1:443>
Sslengine on
Sslcertificatefile/etc/apache2/ssl/apache.pem
Sslcertificatekeyfile/etc/apache2/ssl/apache.key
ServerAdmin info@mydomain.com
ServerName www.mydomain.com
documentroot/var/www/
</VirtualHost>
Restart Apache:
$ sudo service apache2 restart
Access to HTTPS://127.0.0.1/from the browser, it should be done.
Create a password-protected folder
$ sudo mkdir/var/www/protected
$ sudo pico. htaccess
Add the following in. htaccess
AuthName "Password Needed"
AuthType Basic
authuserfile/opt/www/http.passwd
Require Valid-user
Restart the Apache server
$ sudo service apache2 restart
At this point, if you access https://127.0.0.1/protected/, the login window will appear. Since we have not yet configured the authentication file, we cannot access the directory.
$sudo mkdir/opt/www
$CD/opt/www
Suppose we need to allow a user named Hello to access the above directory:
$sudo htpasswd-c http.passwd Hello
Two times enter the password, will generate the corresponding identity authentication file HTTP.PASSWD. It's time to visit https://127.0.0.1/protected/again and enter the username Hello and the password you just set.
If we need to add another user, such as Hello2, to the access, you can execute the same command, just to remove the-c parameter.
$sudo htpasswd-c http.passwd Hello2
The above authentication method, username and password are all transmitted through the network through the clear text, it is easy to be intercepted by other people by the way of sniffing. The Digest authentication method carries on the MD5 operation to the user input password, transmits the operation result to the server, thus avoids the password to direct intercept the possibility.
Next, configure Digest authentication.
$ sudo a2enmod auth_digest
Modify the. htaccess file for the corresponding directory:
$sudo pico/var/www/protected/.htaccess
Modify the AuthType to digest and save.
Delete the original identity authentication file:
$ sudo rm/opt/www/http.passwd
To create a new identity authentication file:
$ cd/opt/www
$ sudo htdigest-c http.passwd Realm Hello
To restart the Apache service:
$ sudo service apache2 restart
Get.