LAMP Management notes

Source: Internet
Author: User
Tags http authentication apache log ssl certificate ssl connection

The format of the httpd. conf log file is as follows:

% A remote IP Address

% A local IP Address

% B sent bytes

% F File Name of the access request

% H remote host name or host address

% L remote user name or e-mail address

% P port used by the server to respond to the request

% R request details

% S request status

% T request time

% U user logged on to the server

% U URL requested by the user

# Added by PHP to co-operation with PHP

Addtype application/X-httpd-PHP. php

Addtype application/X-httpd-PHP-source. PHPs

# Added by myself for WAP-support

Addtype text/vnd. WAP. WML. WML

Addtype application/vnd. WAP. wmlc. wmlc

Addtype text/vnd. WAP. WMLScript. WMLS

Addtype image/vnd. WAP. wbmp. wbmp

Addtype application/vnd. WAP. wmlscriptc. wmlsc

Configure AWStats to view Apache Log Files: Add a virtual directory to simulate the built-in Apache log files. There is a configuration file in the/etc/AWStats directory.

Access localhost/awstats. pl through a browser? Config = localhost (this value is set by yourself)

By adjusting httpd. conf:

Virtual Hosts can be set in conf/extra/httpd-vhosts.conf

127.0.0.1/server-status to view the current server status

You can view the help manual for 127.0.0.1/manual.

Set SSL connection:

SSL Certificate: (Certificate)

1. Certificate concept: First, you must have a root certificate, and then use the root certificate to issue the server certificate and customer certificate. Generally, the server certificate and customer certificate are in a hierarchical relationship. The root certificate and server certificate must be installed in SSL for authentication. -- Our browser believes in the root certificate, so the root certificate visa also believes that this is our common https.

Therefore, in this environment, you must have at least three certificates: Root Certificate, server certificate, and client certificate.

Before a certificate is generated, a private key is usually used to generate a certificate request with the private key, and then use the root certificate of the Certificate Server to issue the certificate.

2. Implement with openssl: create a private key, create a self-Signed CA certificate with the private key, and issue a certificate to the customer.

Generate key server. key: openssl genrsa 1024> server. key

Then use it to generate the certificate request file server. csr: openssl req-new-key server. key> server. csr (you need to enter your certificate information)

Now you can generate a certificate: openssl req-x509-days 365-key server. key-in server. csr> server. crt

Next you need to modify the httpd-ssl.conf. Readers can try debugging on their own-I think they should try to solve the problem on their own.

PhpMyAdmin: Adjust the session. save_path = "2;/tmp/mysession" error: inaccessible: Modify $ cfg ['servers'] [$ I] ['auth _ type'] = 'http ';

PhpMyAdmin:

Three methods of phpMyAdmin authentication: config, HTTP, and cookie

PhpMyAdmin supports three user authentication methods: config, cookie, and HTTP.

Regardless of the configuration method, the user permissions of the MySQL database are not exceeded.

Config authentication is to directly write the user name and password for accessing the database in the configuration file. Visitors can directly access the database.

Cookie authentication requires you to manually enter the user name and password during user access.

Another method is HTTP authentication. This method makes visitors feel like a cookie.

However, it actually uses the HTTP authentication mechanism of PHP, which is only effective when PHP runs in the Apache mode module.

In the PHP script of the Apache module, you can use the header () function to send the "authentication required" message to the client browser.

Then, a user name/password input window is displayed in the browser.

The user name and password entered by the user are verified as the MySQL user password.

For PHP running in CGI Mode, although this Authentication Window can still be displayed, it cannot pass verification no matter what you enter.

The following is an optional advanced PHP configuration option ):

Create a PMA user

Control user

(Redirected from controluser)

The controluser is a special MySQL user configured with limited permissions and needed by phpMyAdmin in these situations:

To use any of the phpMyAdmin configuration storage features (such as bookmarking queries, change tracking, and more ),

To use auth_types cookie and http with MySQL versions 4.1.2 or older,

To use auth_types cookie and http if the MySQL server is running with the -- skip-show-databases flag.

The controluser is created with a few SQL statements (explained below) and the appropriate values must be placed in./config. inc. php for the controluser and controlpass directives.

Contents

[Hide]

1 Creating a controluser

1.1 MySQL version 4.0.2 or newer

1.2 MySQL version older than 4.0.2

1.3 To use pmadb features

2 Edit config. inc. php

[Edit] Creating a controluser

The following example assumes you want to use pma as the controluser and pmapass as the controlpass, but this is only an example: use something else in your file! Input these statements from the phpMyAdmin SQL Query window or mysql command-line client.
Course you have to replace localhost with the webserver's host if it's not the same as the MySQL server's one.

[Edit] MySQL version 4.0.2 or newer

According to the documentation at http://www.phpmyadmin.net/documentation/#linked-tables "Note: starting with phpMyAdmin 2.6.1, this section is only applicable if your MySQL server is running with -- skip-show-database. "This is only an excerpt, so it is
Suggested you visit that page.

Grant usage on mysql. * TO 'pma' @ 'localhost' identified by 'pmapass ';

Grant select (

Host, User, Select_priv, Insert_priv, Update_priv, Delete_priv,

Create_priv, drop_priv, reload_priv, shutdown_priv, process_priv,

File_priv, grant_priv, references_priv, index_priv, alter_priv,

Show_db_priv, super_priv, create_tmp_table_priv, lock_tables_priv,

Execute_priv, repl_slave_priv, repl_client_priv

) On mysql. User to 'pm' @ 'localhost ';

Grant select on MySQL. dB to 'pm' @ 'localhost ';

Grant select on MySQL. Host to 'pm' @ 'localhost ';

Grant select (host, DB, user, table_name, table_priv, column_priv)

On mysql. tables_priv to 'pma' @ 'localhost ';

[Edit] MySQL version older than 4.0.2

Grant select (

Host, user, select_priv, insert_priv, update_priv, delete_priv,

Create_priv, drop_priv, reload_priv, shutdown_priv, process_priv,

File_priv, grant_priv, references_priv, index_priv, alter_priv

) ON mysql. user TO 'pm' @ 'localhost ';

Grant select (

Host, User, Select_priv, Insert_priv, Update_priv, Delete_priv,

Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv,

File_priv, Grant_priv, References_priv, Index_priv, Alter_priv,

Show_db_priv, Super_priv, Create_tmp_table_priv, Lock_tables_priv,

Execute_priv, Repl_slave_priv, Repl_client_priv

) ON mysql. user TO 'pm' @ 'localhost ';

Grant select on mysql. db TO 'pm' @ 'localhost ';

Grant select on mysql. host TO 'pm' @ 'localhost ';

Grant select (Host, Db, User, Table_name, Table_priv, Column_priv)

ON mysql. tables_priv TO 'pma' @ 'localhost ';

Of course, the above queries only work if your MySQL version supports the GRANT command. This is the case since 3.22.11.

[Edit] To use pmadb features

If you want to use advanced (phpMyAdmin configuration storage) features, run this line after the above statements:

Grant select, insert, update, delete on phpMyAdmin. * To 'pma' @ 'localhost ';

Use your pmadb database name instead of phpMyAdmin if needed. This of course requires that your phpMyAdmin configuration storage be set up, see the pmadb section for directions on how to do so.

[Edit] edit config. Inc. php

Now edit./config. Inc. php and add the following two lines (somewhere near the other directives like auth_type is good ):

$ Cfg ['servers'] [$ I] ['controluser'] = 'pma ';

// Use here whatever username was created abve

$ Cfg ['servers'] [$ I] ['controlpass'] = 'pmapass ';

// Use here the password to match that user

On the Character page: Create Database phpMyAdmin;

Source/usr/local/www/PHPmyAdmin/examples/create_tables. SQL;

Source/usr/local/www/phpMyAdmin/examples/upgrade_tables_mysql_4_1_2 +. SQL;

Create a database and table for pma and use advanced functions.

Then, refer to the configuration of config. inc. example. php.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.