After the Apache configuration Basic authentication, the user is created with the HTPASSWD command.
HTPASSWD establishes and updates a text file that stores user names and passwords for Basic authentication of HTTP users.
#/usr/local/apache/bin/htpasswd--help
HTPASSWD parameters
-C creates passwdfile. If the passwdfile already exists, it will write back and delete the original content.
-N Do not update passwordfile, display password directly
-M uses MD5 encryption (default)
-D using crypt encryption (default)
-P uses plain text format passwords
-S uses SHA encryption
-B command line to enter the username and password, instead of the prompt to enter a password, you can see clear text, do not need to interact
-D deletes the specified user
Basic authenticated pages appear when accessing the/var/www/html directory, and you need to enter a username and password.
The code is as follows |
Copy Code |
<Directory/var/www/html> authuserfile/etc/httpd/conf.d/.zabbix.cc Authgroupfile/dev/null AuthName "Please Input Your account Name and Password" AuthType Basic Require Valid-user </Directory> |
Used when it was first created
The code is as follows |
Copy Code |
# htpasswd-c/etc/httpd/conf.d/.zabbix.cc <UserName> Append user # htpasswd/etc/httpd/conf.d/.zabbix.cc <UserName> |
The number of characters in the password, not more than 8 words.
Because the default is to use the hash function crypt (the default option-D), Crypt ignores more than 8 characters of text.
To use a password more than 8 words, use the-m option (hash function MD5).
With the-p option, a hash is not made when the file is written.
Let's get down to business, how to use. htaccess and. htpasswd to add authentication to the directory;
Create a ". htpasswd" file in the format "Username: password": "Note: Window may not be created directly, you can use text to create and write the following code, by saving as". htpasswd ", note that you need double quotes. 】
ccp330:123456
Create ". htaccess" file, the format is as follows, relevant instructions can search the Internet to find out:
AuthUserFile. htpasswd file Absolute Path
The code is as follows |
Copy Code |
AuthType Basic AuthName "Restricted" Order Deny,allow Deny from all Require Valid-user Satisfy any For example: AuthUserFile g:/php_work/.htpasswd AuthType Basic AuthName "Restricted" Order Deny,allow Deny from all Require Valid-user Satisfy any |
The third step is to place the created ". htpasswd" and ". htaccess" in the directory you want to protect, and now access the files in the protected directory to see the following effects:
Then there are two points to note:
The 1th is ". htpasswd" files can be placed in a random position, and ". htaccess" must be placed in the directory to be protected and fill out. htpasswd's absolute path, which means that the password file ". htpasswd" can be placed outside the web directory;
The 2nd is the ". htpasswd" file password can be encrypted, the specific encryption method is as follows