標籤:web伺服器 aws使用者存取控制
web服務類別目錄的存取權限的控制
1.確認web伺服器已經安裝並啟動
[[email protected] ~]# ls /usr/local/httpd/
650) this.width=650;" src="http://s2.51cto.com/wyfs02/M00/8A/90/wKioL1g0KUOToUxuAAAQSTLddCg201.png-wh_500x0-wm_3-wmp_4-s_789261735.png" title="圖片2.png" alt="wKioL1g0KUOToUxuAAAQSTLddCg201.png-wh_50" />
[[email protected] ~]# netstat -utpln |grep 80
tcp 0 0 :::80 :::* LISTEN 73341/httpd
650) this.width=650;" src="http://s4.51cto.com/wyfs02/M02/8A/90/wKioL1g0KUyCkuWsAAAL2nUcdQw668.png-wh_500x0-wm_3-wmp_4-s_3262872187.png" title="圖片3.png" alt="wKioL1g0KUyCkuWsAAAL2nUcdQw668.png-wh_50" />
2.設定只允許192.168.100.110訪問,其他主機拒絕:
[[email protected] ~]# vim /usr/local/httpd/conf/httpd.conf
421 <Directory "/usr/local/awstats/wwwroot">
422 Options None
423 AllowOverride None
424 Order allow,deny
425 Allow from 192.168.100.110 ##修改該行
426 </Directory>
427
:set nu ##列印行號
:wq
650) this.width=650;" src="http://s2.51cto.com/wyfs02/M00/8A/93/wKiom1g0KVXRPII6AAA2SSU3roo995.png-wh_500x0-wm_3-wmp_4-s_2215806752.png" title="圖片4.png" alt="wKiom1g0KVXRPII6AAA2SSU3roo995.png-wh_50" />
[[email protected] ~]# /etc/init.d/httpd restart ##重啟服務
httpd is restart complete.
測試:
修改windows主機的VNET1的IP為192.168.100.10,訪問測試:
http://www.linuxfan.cn/aws.html ##不能訪問
650) this.width=650;" src="http://s2.51cto.com/wyfs02/M00/8A/93/wKiom1g0KWGy_nH5AADTOJ98YTY346.png-wh_500x0-wm_3-wmp_4-s_3790342726.png" title="圖片5.png" alt="wKiom1g0KWGy_nH5AADTOJ98YTY346.png-wh_50" />
http://www.linuxfan.cn ##能訪問
650) this.width=650;" src="http://s4.51cto.com/wyfs02/M01/8A/90/wKioL1g0KWvi7CnbAABywtRbhc8452.png-wh_500x0-wm_3-wmp_4-s_4266970347.png" title="圖片6.png" alt="wKioL1g0KWvi7CnbAABywtRbhc8452.png-wh_50" />
修改windows主機的VNET1的IP為192.168.100.110,訪問測試:
http://www.linuxfan.cn/aws.html ##能訪問
650) this.width=650;" src="http://s5.51cto.com/wyfs02/M01/8A/93/wKiom1g0KXXTZN5JAAIvfSeslqs255.png-wh_500x0-wm_3-wmp_4-s_2618225284.png" title="圖片7.png" alt="wKiom1g0KXXTZN5JAAIvfSeslqs255.png-wh_50" />
http://www.linuxfan.cn ##能訪問
650) this.width=650;" src="http://s3.51cto.com/wyfs02/M00/8A/93/wKiom1g0KYHBcvovAABywtRbhc8417.png-wh_500x0-wm_3-wmp_4-s_444987271.png" title="圖片8.png" alt="wKiom1g0KYHBcvovAABywtRbhc8417.png-wh_50" />
3.使用者授許可權制:
1)建立認證使用者的密碼檔案(password file):
[[email protected] ~]# /usr/local/httpd/bin/htpasswd -c /usr/local/httpd/conf/htpasswd admin ##添加admin使用者
New password: ##輸入密碼[email protected]
Re-type new password: ##確認密碼
Adding password for user admin
[[email protected] ~]# cat /usr/local/httpd/conf/htpasswd
650) this.width=650;" src="http://s3.51cto.com/wyfs02/M01/8A/93/wKiom1g0KYrx16AvAAAZvhvq0Lc100.png-wh_500x0-wm_3-wmp_4-s_2333257841.png" title="圖片9.png" alt="wKiom1g0KYrx16AvAAAZvhvq0Lc100.png-wh_50" />
htpasswd /usr/local/httpd/conf/htpasswd john ##添加john使用者
相同的方法添加fage兩個使用者(注意除了添加第一個使用者外其他其他使用者要去掉-c的選項)
650) this.width=650;" src="http://s3.51cto.com/wyfs02/M02/8A/90/wKioL1g0KZ-TULz0AAAL1pF9w9s499.png-wh_500x0-wm_3-wmp_4-s_820438685.png" title="圖片10.png" alt="wKioL1g0KZ-TULz0AAAL1pF9w9s499.png-wh_50" />
[[email protected] ~]# vim /usr/local/httpd/conf/htgroups ##為授權使用者加入組
mygroup: admin fage ##組名: 成員1 成員2
650) this.width=650;" src="http://s5.51cto.com/wyfs02/M00/8A/93/wKiom1g0KauyZnJIAAANddjWV3c431.png-wh_500x0-wm_3-wmp_4-s_3157964379.png" title="圖片11.png" alt="wKiom1g0KauyZnJIAAANddjWV3c431.png-wh_50" />
2)添加使用者授權配置
[[email protected] ~]#
421 <Directory "/usr/local/awstats/wwwroot">
422 Options None
423 AllowOverride None
424 Order allow,deny
425 Allow from 192.168.100.110
426 AuthType Basic ##定義認證的類型為Basic
427 AuthName "Log analysis system" ##提示短語
428 AuthBasicProvider file ##提供認證者為file
429 AuthUserFile /usr/local/httpd/conf/htpasswd ##指定認證使用者檔案
430 AuthGroupFile /usr/local/httpd/conf/htgroups ##指定認證組檔案
431 Require group mygroup ##設定允許訪問的使用者或者組,如果設定為使用者改為“Require valid-user”即可
432 </Directory>
433
:set nu
:wq650) this.width=650;" src="http://s1.51cto.com/wyfs02/M01/8A/93/wKiom1g0KbThQAD1AAAjBtLymgo345.png-wh_500x0-wm_3-wmp_4-s_3881363696.png" title="圖片12.png" alt="wKiom1g0KbThQAD1AAAjBtLymgo345.png-wh_50" />
[[email protected] ~]# /etc/init.d/httpd restart ##重啟服務
httpd is restart complete.
3)訪問測試:
http://www.linuxfan.cn/aws.html ##輸入使用者測試,admin與fage能登入,jhon不能登入
注意驗證不同使用者時只需關閉重新開啟即可
650) this.width=650;" src="http://s3.51cto.com/wyfs02/M00/8A/93/wKiom1g0KdCiI11TAACB0GxKsXI357.png-wh_500x0-wm_3-wmp_4-s_2925608492.png" title="圖片13.png" alt="wKiom1g0KdCiI11TAACB0GxKsXI357.png-wh_50" />
650) this.width=650;" src="http://s1.51cto.com/wyfs02/M00/8A/93/wKiom1g0KeLAvoiGAACx-GnVX5g206.png-wh_500x0-wm_3-wmp_4-s_318057820.png" title="圖片14.png" alt="wKiom1g0KeLAvoiGAACx-GnVX5g206.png-wh_50" />
650) this.width=650;" src="http://s1.51cto.com/wyfs02/M00/8A/93/wKiom1g0KeyBoYEwAABSm8IUbik547.png-wh_500x0-wm_3-wmp_4-s_3545364955.png" title="圖片15.png" alt="wKiom1g0KeyBoYEwAABSm8IUbik547.png-wh_50" />
650) this.width=650;" src="http://s1.51cto.com/wyfs02/M01/8A/93/wKiom1g0KgfRz05iAACrrFvHQBw129.png-wh_500x0-wm_3-wmp_4-s_1695471948.png" title="圖片16.png" alt="wKiom1g0KgfRz05iAACrrFvHQBw129.png-wh_50" />
Jhon:
650) this.width=650;" src="http://s3.51cto.com/wyfs02/M00/8A/94/wKiom1g0KhmSKJZ1AABsg8yQfRQ271.png-wh_500x0-wm_3-wmp_4-s_2110530416.png" title="圖片17.png" alt="wKiom1g0KhmSKJZ1AABsg8yQfRQ271.png-wh_50" />
650) this.width=650;" src="http://s2.51cto.com/wyfs02/M01/8A/90/wKioL1g0KizR_v9eAABd1tPI2hc178.png-wh_500x0-wm_3-wmp_4-s_3720303193.png" title="圖片18.png" alt="wKioL1g0KizR_v9eAABd1tPI2hc178.png-wh_50" />
web服務類別目錄的存取權限的控制
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
