Linux_apache Service Knowledge Summary (ii) (about user's access control and compilation installation)

Source: Internet
Author: User
Tags install openssl md5 encryption keep alive

User's access control

As the name implies, is to restrict those users can access resources Ah, which can not access resources, is to control their access to the right, simple to say that is the meaning.


There are 2 key authentication methods for user authentication:

1, Basic certifications: Basic

2, Digest Certification: Digest

Take a look at the file-based access control, let's do a little experiment (based on user authentication)

Add the following in the configuration file: 650) this.width=650; "Src=" Http://s3.51cto.com/wyfs02/M00/45/96/wKioL1Po1IqQ9qHdAAAlDSKIqQQ220.png " Title= "1.PNG" alt= "Wkiol1po1iqq9qhdaaaldskiqqq220.png"/>

In the picture:/var/www/html/admin is going to do access control on this directory

AuthType: Type of authentication, Basic

AuthUserFile: This specifies the file where the user is authenticated, for/ETC/HTTPD/CONF/.HTPASSWD

Require Valid-user: Allow all users to request


And then we're going to add users to the. htpasswd file.

#htpasswd-C-M/ETC/HTTPD/CONF/.HTPASSWD

-C Create a file that is used only when you create the file for the first time

-M is using MD5 encryption

The operation is complete, let's verify, I have created a page file in the admin directory,

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/45/96/wKiom1Po16XR-i3xAABrSA5NRXo538.png "title=" 2.PNG " alt= "Wkiom1po16xr-i3xaabrsa5nrxo538.png"/>

Do you need an account number and password?

The previous is to take the user to authenticate, the following we do under the group to authenticate, just modify the following configuration file:

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/45/98/wKioL1Po2waRNAGmAAAq2xlYEJM654.png "title=" 3.PNG " alt= "Wkiol1po2warnagmaaaq2xlyejm654.png"/>

I added the test group in the /etc/httpd/conf/.htgroup file, user3,user4 the user,

Only users within the group file can access the page,

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/45/97/wKiom1Po206g5WAeAABiW3176w8420.png "title=" 4.PNG " alt= "Wkiom1po206g5waeaabiw3176w8420.png"/>

If the input user2 will not go to the page, this is the 2 kinds of user-and group-based authentication, the page file access control, is not very simple.


Let's start by compiling the httpd-2.4 version manually, because on CENTOS6, httpd-2.4 differs from httpd-2.0 and 2.2,httpd-2.4 with some new features,

1) MPM support is loaded at runtime;

--enable-mpms-shared=all--with-mpm={prefork|worker|event}

2) Support for event MPM

3) asynchronous read and write

4) Use different log levels for each module and per directory

5) per-request configuration;<if>,<elseif>

6) Enhanced version of Expression Analyzer

7) Millisecond-keep alive timeout

8) FQDN-based virtual host no longer requires namevirtualhost instructions;

9) Enable users to use custom variables

Want to compile httpd2.4 on CENTOS6, and httpd2.4 depend on, apr-1.4 above version, while in CENTOS6 the newest version is only 1.39, all we have to install apr-1,4 above version with apr-util-1.4 above version first,

Here I use apr-1.5.0 apr-util-1.5.3

The first thing to do is to download the 2 packages to the root directory, unzip the 2 packages,

Then CD to APR-1.5.O, where you execute the command:

#./configure--prefix=/usr/local/apr1.5, installed in/usr/local/apr1.5

Then perform the installation

# make && make instal

To install apr-util1.5.3 again,

#./configure--prefix=/usr/local/apr-util--with-apr=/usr/local/apr1.5/

# Make && make install

If there is an error in the middle, you need to see a reminder, most likely a tool is not installed, I just did not install GCC caused an error


Let's go to the installation httpd process.

httpd, source code download, unzip,

Go to the httpd-2.4.9 directory, compile,

#./configure--prefix=/usr/local/apache--sysconfdir=/etc/httpd24--enable-so--enable-ssl--enable-cgi-- Enable-rewrite--with-zlib--with-pcre--with-apr=/usr/local/apr--with-apr-util=/usr/local/apr-util/-- Enable-mpms-shared=all--with-mpm=event--enable-modules=most


The following appears to indicate that the installation was successful:

Last article: config.status:executing default commands

Then make && make Install,make finished


This is a compiled command that integrates various functions, and the following one by one explains

--prefix=/usr/local/apache specifying the file path for the installation

--sysconfdir= specifying the path to the configuration file

--ENABLE-SO supports DSO mechanism, dynamic loading and unloading module

--ENABLE-SSL compiling SSL-enabled modules

--enable-cgi to enable CGI modules

--enable-rewrite URL Rewriting

--with-zlib the compression library used when sending the network data packets,

--with-pcre using an expanded regular expression

--with-apr= path Specifies the installation path for APR

--with-apr-util= path Specifies the installation path for Apr-util

--enable-mpms-shared=all--with-mpm=event The use of dynamic loading and unloading MPM is required to install the MPM, and specify the starting even module

--enable-modules=most compiling a common dynamic module


In the process of command execution, will be error, I will say I do when the error let me install the content it,

Tip I need a #yum install pcre-devel that I have installed

# yum-y Install Mod_ssl

# yum Install Openssl-devel


Basic manual compilation That's it, it's finally done.



This article is from the "Linux Small Pot Friends" blog, please be sure to keep this source http://ny0716.blog.51cto.com/9154254/1538798

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.