Phase 25 Linux20180529 Apche certified access log domain name jump

May 29 Task

11.18 Apache user authentication
11.19/11.20 Domain Jump
11.21 Apache Access Log

11.18 Apache user authentication

The so-called user authentication is to enter the 80 port corresponding to the page, that is, through the Apache time, set the user password is security authentication. Although generally not used,

However, the Administrator account login page may add such a layer of security certification.

Open the virtual host configuration file. Vim/usr/local/apache2/conf/extra/httpd-vhosts.conf. Because the first is a default virtual host, you can modify the second configuration.

<Directory/data/wwwroot/www.hqigroup.com.au> #指定认证的目录

AllowOverride authconfig #这个相当于打开认证的开关

AuthName "Hqigroup user auth" #自定义认证的名字, not very useful

AUTHUSERFILE/DATA/.HTPASSWD #指定密码文件所在位置

Require Valid-user #指定密码文件所在位置

</Directory>

The above defines a configuration that requires authentication, one of which is the location of the specified password file, which requires a place to put the password file, including the user name and password.

Linux has a command to generate the password, that is htpasswd

/usr/local/apache2/bin/htpasswd-c-m/data/.htpasswd Bill

This creates a MD5 encrypted password file location that is the/DATA/.HTPASSWD user name is the bill password for your own input

You can see the user and password (after encryption)

When the second and later to add the user, because this file already exists, so you do not need to add-c This parameter, because there is no need to create a file.

Then reload the following and do the test.

/usr/local/apache2/bin/apachectl-t

Something went wrong. Wrong, 37 lines.

The original cannot be added to the following # comments, the comments are deleted after the No.

/usr/local/apache2/bin/apachectl Graceful

Then curl can be tested, it should be 402 status code, but I appear 200, that is, the normal access to the status code is not right.

Curl-x127.0.0.1:80 Www.hqigroup.com.au-I

Find the wrong:

Because the directory and root directories should be the same.

This time use curl-x127.0.0.1:80 Www.hqigroup.com.au-I

This allows you to match the user and password configured in the virtual host.

For a specific directory .

Note that it's not directory but filesmatch.

In fact, a site under a certain directory for authentication.

<filesmatch file name >

Then look at the following when the direct access to the domain name is not 401, and access to the following 123.php is 401.

You can also access content directly by Curl user name password

Curl-x127.0.0.1:80-u User name: Password www.hqigroup.com.au/123.php

11.19/20 Domain Jump

Background introduction:

Domain name jump needs, such as some site content no longer continue, set up a jump to the new site.

SEO search engine Here play a certain role. Baidu's spider came to the server grabbed the page into the database, the user search will be compared to find the relevant page out.

This involves another problem with the search rankings. The higher the weight, the more forward the ranking. And judging the site is by looking at his domain name. If a site has two domain names will be the search engine that one is false, so it is best to have only one server, another domain name jump.

301 permanent jump, generally so use.

302 temporary redirection, not friendly for SEO. Does not reduce the previous domain name weight, also does not increase after the domain name weight.

Or do you want to edit the virtual host file

The first thing to do is to use a Morgul mod_rewrite. This module is required to support, open, and define rewrite conditions and rules.

<ifmodule mod_rewrite.c> mod_rewrite Module support

Rewriteengine on open rewrite function

Rewritecond%{http_host}!^www.hqigroup.com.au$ defines the condition of the rewrite, the hostname (domain name) is not www.hqigroup.com.au meet the criteria, regular,! The expression is reversed, ^ start $ end

Rewriterule ^/(. *) $ http://www.hqigroup.com.au/$1 [r=301,l] define rules when the above conditions are met, rule execution

</IfModule>

After saving the file, you need to test for syntax errors, reload, check if the module is open, if it is not open to the Apache configuration file to open.

Then check again and find that it has been loaded.

Then check that it can be tested after loading.

Look again if url/xxx experiment, also realized the jump of the new domain after the addition of the former XXX

There will also be 403 code, which is to change the Apache configuration file of all granted to denied 403 forbidden.

The above is the domain name of the jump/redirect

Access logs for Apache

The access log is the history of access/request.

The directory of logs is/usr/local/apache/logs

The following can be seen in the access log

But this kind of log format is too simple, can not be customized, if you want to customize the words need to/usr/local/apache2/conf/httpd.conf to define

Vim found Logformat after entering the configuration file

The system uses common by default, so the log field you see above is in this format.

Specifically pointed out that Referer is the source page user-agent is a proxy, browser, etc.

So here it is to change the configuration file of the virtual host,/usr/local/apache/conf/extra/httpd-vhosts.conf common to combined

Then-t Graceful

Curl-x127.0.0.1:80 Www.example.com-I

Look at the results of log, the first two are curl, the last one is browser access

There is only user-agent information, because it is not a directory to jump over, so there is no referal information.

Phase 25 Linux20180529 Apche certified access log domain name jump