Linux server security policy details 12

Source: Internet
Author: User
Tags ftp login
Article Title: Linux server security policy explanation 12. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

6.3.8. Password protection for Apache servers

The. htaccess file is a configuration file on the Apache server. It is a text file that can be written in any text editor .. The htaccess file provides a method for changing the configuration of directories, that is, by placing a file containing one or more commands in a specific document directory (. to apply to this directory and all its subdirectories .. The htaccessfunction is used to set the web page password. When an error occurs, the current file name (such as index.html) of the first page is changed, the file name cannot be read, the file is redirected, the MIME category is added, and the files under the column directory are prohibited. Note that ,. htaccess is a complete file name, not ***. htaccess or other formats (of course, some administrators set it to other names, but they are generally used. htaccess ). In addition, when uploading a. htaccess file, you must use the ASCII mode and use the chmod command to change the permission to 644 (rw1_r1_r __). Each directory and sub-directory containing. htaccess will be affected by. htaccess. For example,. htaccess file, so all the files in/abc/AND/abc/def/will be affected by it, but/index.html will not be affected, this is very important.

 1. Create a. htpasswd File

First, create a file under the directory (such as htdocs) where access control is set. You can set the file name on your own. Generally, the server is set to. htpasswd, which cannot be read by HTTP .. Each row in the htpasswd file represents a user. The user's name and encrypted password are separated by a colon.

2. implement protection for htaccess files

The content of the. htaccess file is as follows:

Authtype basic

Authuserfile/usr/home/***/htdocs/. abcname1

Authgroupfile/usr/home/***/htdocs/. abcname2

Authname information

Require valid-user

The *** in the second and third rows can be changed to the personal FTP login name .. Abcname1 and. abcname2 can be arbitrary file names, such as. htpasswd and. htpass, But not. htaccess. Upload. htaccess to the directory for password protection (such as htdocs.

The "require" at the end of the. htaccess file tells the server which users can access the file. Require valid-user indicates that any one of. htpasswd can enter. You can also specify one or more people on the list to use "require user username" or "require user username1 username2 username3 ". You can also specify a group of users to use "require group groupname ".

3. Add new licensed users

Go to the htdocs directory and enter the following command in the command line status to generate the. abcname1 file.

Echo>. abcname1

/Var/www/bin/htpasswd. abcname1 abc

Abc indicates the username to be added. After you enter this command, the system will prompt you to enter this user password, so that this user name takes effect. If you want to add more users later, you can change the user name when running the second line of command. If this user name exists, a prompt is displayed to change the password.

4. Create a group for access

You can set up a text file named. htgroup as follows:

Groupname1: username1 username2 username3

Groupname2: username1 username3 username4

Add "AuthGroupFile/absolute/path/. htgroup" to. htaccess ". After uploading all files in ASCII mode, all files in this directory will be protected.

[1] [2] [3] [4] [5] [6] [7] [8] [9] [10] Next page

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.