linux-apache安装实现登陆身份验证-023
2011-09-10 23:12
585 查看
Apache 服务器
协议
1. http 明文传递
版本
1) 1.0 一次连接一次请求
2) 1.1 一次连接多次请求
2. https使用 mod_ssl 加密传输的;端口号443
安装apache,实现登陆用户的身份验证
1. 安装apache
[root@apache-server ~]# vim /etc/hosts
--给主机hostname定义个别名
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost apacheserver
::1 localhost6.localdomain6 localhost6
[root@apache-server ~]# mount /dev/cdrom /mnt/cdrom
[root@apache-server ~]# cd /mnt/cdrom/Server/
--需要安装包
[root@apache-server Server]# ll http*
-r--r--r-- 55 root root 1270589 2008-12-11 httpd-2.2.3-22.el5.i386.rpm
-r--r--r-- 63 root root 151651 2008-12-11 httpd-devel-2.2.3-22.el5.i386.rpm
-r--r--r-- 55 root root 852783 2008-12-11 httpd-manual-2.2.3-22.el5.i386.rpm
[root@apache-server Server]# yum install httpd*
[root@apache-server ~]# yum list installed |grep httpd*
2.查看安装形成的文件和配置文件
[root@apache-server Server]# rpm –ql httpd
--查看可以编辑的配置文件
[root@apache-server Server]# rpm -qc httpd
--配置文件包含conf.d/中的所有.conf 文件和conf/httpd.conf
--访问日志存放地点
#cd /var/log/httpd/
#cd /etc/httpd/modules
==/usr/lib/httpd/modules/
[root@apache-server httpd]# ll /usr/sbin/httpd
-rwxr-xr-x 1 root root 315284 Nov 12 2008 /usr/sbin/httpd
3.httpd进程号
[root@apache-server httpd]# pwd
/etc/httpd
[root@apache-server httpd]# cat run/httpd.pid
858
[root@apache-server httpd]# service httpd status
httpd (pid 867 866 865 863 862 861 860 859 858) is running...
[root@apache-server httpd]#
[root@apache-server sbin]# grep apache /etc/passwd
apache:x:48:48:Apache:/var/www:/sbin/nologin
--防止被攻击 nologin
[root@localhost ~]# ps -aux |grep apache
Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.7/FAQ
apache 1556 0.0 0.5 10544 2700 ? S 22:53 0:00 /usr/sbin/httpd
apache 1557 0.0 0.5 10544 2700 ? S 22:53 0:00 /usr/sbin/httpd
apache 1558 0.0 0.5 10544 2648 ? S 22:53 0:00 /usr/sbin/httpd
apache 1559 0.0 0.5 10544 2700 ? S 22:53 0:00 /usr/sbin/httpd
apache 1560 0.0 0.4 10544 2104 ? S 22:53 0:00 /usr/sbin/httpd
apache 1562 0.0 0.5 10544 2644 ? S 22:53 0:00 /usr/sbin/httpd
apache 1563 0.0 0.5 10544 2648 ? S 22:53 0:00 /usr/sbin/httpd
apache 1564 0.0 0.4 10544 2104 ? S 22:53 0:00 /usr/sbin/httpd
root 1627 0.0 0.0 1836 504 pts/4 S+ 23:11 0:00 grep apache
[root@localhost ~]#
4.apache的模块.
--查看模块
[root@apache-server sbin]# cd /etc/httpd/
[root@apache-server httpd]# httpd -l
Compiled in modules:
core.c
prefork.c
http_core.c
mod_so.c
[root@apache-server httpd]#
[root@apache-server httpd]# setup
Security disabled 安全级别要关闭
--不允许打开非标准端口的
5.编辑主配置文件
[root@apache-server httpd]# vim conf/httpd.conf
210 Include conf.d/*.conf
274 UseCanonicalName Off
#打开这个UseCanonicalName是Web服务器的标准做法,因为客户发送的大部分请求都是对#本服务器的引用,这样服务器就能使用ServerName和Port选项的设置内容构建完整的#URL,并回应客户,使浏览器能得到规范的URL。如果将这个参数设置为Off,那么Apache
#将使用从客户请求中获得服务器的名字和端口值(支持HTTP 1.1的客户的请求中将会有这#些信息),重新构建URL。
281 DocumentRoot "/var/www/html"
291 <Directory />
292 Options FollowSymLinks
293 AllowOverride None
294 </Directory>
--开启验证
[root@apache-server html]# vim /etc/httpd/conf/httpd.conf
306 <Directory "/var/www/html">
327 AllowOverride all
--来源控制 allow 和deny 的前后顺序使用不一样 访问也限制也会不一样
332 Order allow,deny
333 Allow from all
#deny from 192.168.101.100
--登陆验证信息存放文件
335 </Directory>
398 AccessFileName .htaccess
6.访问apache
[root@apache-server httpd]# links 127.0.0.1
[root@apache-server html]# cd /var/www/html/
[root@apache-server html]# vim index.html
[root@apache-server html]# links 192.168.101.80:/index.html http://192.168.101.80/index.html hello word!
--默认欢迎页面
[root@apache-server html]# ll /etc/httpd/conf.d
-rw-r--r-- 1 root root 299 Nov 12 2008 welcome.conf
[root@apache-server html]#
7.创建身份验证的用户
--身份验证的说明
[root@localhost html]# vim index.html
hello my auth..test!
[root@apache-server html]# pwd
/var/www/html
[root@apache-server html]# vim .htaccess
authuserfile /var/www/html/.passwd
authtype basic
authname "please input your name add your passwd:"
require zhangsan,lisi,wangwu
#require valid-user
8.在.htaccess 同个web主目录建账号文件
[root@apache-server html]# htpasswd
-c Create a new file.
-n Don't update file; display results on stdout.
-m Force MD5 encryption of the password.
-d Force CRYPT encryption of the password (default).
-p Do not encrypt the password (plaintext).
-s Force SHA encryption of the password.
-b Use the password from the command line rather than prompting for it.
-D Delete the specified user.
[root@apache-server html]# htpasswd -c .passwd zhangsan
[root@apache-server html]# htpasswd .passwd lisi
[root@apache-server html]# cat .passwd
zhangsan:KeB.Yh7Tfn9dA
lisi:3GR28hIvQT/J.
--不是系统的账号,仅是apache内部站点的账号
9.实现身份验证测试
![](http://img1.51cto.com/attachment/201109/231216282.jpg)
23-1
![](http://img1.51cto.com/attachment/201109/231231245.jpg)
23-2
协议
1. http 明文传递
版本
1) 1.0 一次连接一次请求
2) 1.1 一次连接多次请求
2. https使用 mod_ssl 加密传输的;端口号443
安装apache,实现登陆用户的身份验证
1. 安装apache
[root@apache-server ~]# vim /etc/hosts
--给主机hostname定义个别名
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost apacheserver
::1 localhost6.localdomain6 localhost6
[root@apache-server ~]# mount /dev/cdrom /mnt/cdrom
[root@apache-server ~]# cd /mnt/cdrom/Server/
--需要安装包
[root@apache-server Server]# ll http*
-r--r--r-- 55 root root 1270589 2008-12-11 httpd-2.2.3-22.el5.i386.rpm
-r--r--r-- 63 root root 151651 2008-12-11 httpd-devel-2.2.3-22.el5.i386.rpm
-r--r--r-- 55 root root 852783 2008-12-11 httpd-manual-2.2.3-22.el5.i386.rpm
[root@apache-server Server]# yum install httpd*
[root@apache-server ~]# yum list installed |grep httpd*
2.查看安装形成的文件和配置文件
[root@apache-server Server]# rpm –ql httpd
--查看可以编辑的配置文件
[root@apache-server Server]# rpm -qc httpd
--配置文件包含conf.d/中的所有.conf 文件和conf/httpd.conf
--访问日志存放地点
#cd /var/log/httpd/
#cd /etc/httpd/modules
==/usr/lib/httpd/modules/
[root@apache-server httpd]# ll /usr/sbin/httpd
-rwxr-xr-x 1 root root 315284 Nov 12 2008 /usr/sbin/httpd
3.httpd进程号
[root@apache-server httpd]# pwd
/etc/httpd
[root@apache-server httpd]# cat run/httpd.pid
858
[root@apache-server httpd]# service httpd status
httpd (pid 867 866 865 863 862 861 860 859 858) is running...
[root@apache-server httpd]#
[root@apache-server sbin]# grep apache /etc/passwd
apache:x:48:48:Apache:/var/www:/sbin/nologin
--防止被攻击 nologin
[root@localhost ~]# ps -aux |grep apache
Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.7/FAQ
apache 1556 0.0 0.5 10544 2700 ? S 22:53 0:00 /usr/sbin/httpd
apache 1557 0.0 0.5 10544 2700 ? S 22:53 0:00 /usr/sbin/httpd
apache 1558 0.0 0.5 10544 2648 ? S 22:53 0:00 /usr/sbin/httpd
apache 1559 0.0 0.5 10544 2700 ? S 22:53 0:00 /usr/sbin/httpd
apache 1560 0.0 0.4 10544 2104 ? S 22:53 0:00 /usr/sbin/httpd
apache 1562 0.0 0.5 10544 2644 ? S 22:53 0:00 /usr/sbin/httpd
apache 1563 0.0 0.5 10544 2648 ? S 22:53 0:00 /usr/sbin/httpd
apache 1564 0.0 0.4 10544 2104 ? S 22:53 0:00 /usr/sbin/httpd
root 1627 0.0 0.0 1836 504 pts/4 S+ 23:11 0:00 grep apache
[root@localhost ~]#
4.apache的模块.
--查看模块
[root@apache-server sbin]# cd /etc/httpd/
[root@apache-server httpd]# httpd -l
Compiled in modules:
core.c
prefork.c
http_core.c
mod_so.c
[root@apache-server httpd]#
[root@apache-server httpd]# setup
Security disabled 安全级别要关闭
--不允许打开非标准端口的
5.编辑主配置文件
[root@apache-server httpd]# vim conf/httpd.conf
210 Include conf.d/*.conf
274 UseCanonicalName Off
#打开这个UseCanonicalName是Web服务器的标准做法,因为客户发送的大部分请求都是对#本服务器的引用,这样服务器就能使用ServerName和Port选项的设置内容构建完整的#URL,并回应客户,使浏览器能得到规范的URL。如果将这个参数设置为Off,那么Apache
#将使用从客户请求中获得服务器的名字和端口值(支持HTTP 1.1的客户的请求中将会有这#些信息),重新构建URL。
281 DocumentRoot "/var/www/html"
291 <Directory />
292 Options FollowSymLinks
293 AllowOverride None
294 </Directory>
--开启验证
[root@apache-server html]# vim /etc/httpd/conf/httpd.conf
306 <Directory "/var/www/html">
327 AllowOverride all
--来源控制 allow 和deny 的前后顺序使用不一样 访问也限制也会不一样
332 Order allow,deny
333 Allow from all
#deny from 192.168.101.100
--登陆验证信息存放文件
335 </Directory>
398 AccessFileName .htaccess
6.访问apache
[root@apache-server httpd]# links 127.0.0.1
[root@apache-server html]# cd /var/www/html/
[root@apache-server html]# vim index.html
[root@apache-server html]# links 192.168.101.80:/index.html http://192.168.101.80/index.html hello word!
--默认欢迎页面
[root@apache-server html]# ll /etc/httpd/conf.d
-rw-r--r-- 1 root root 299 Nov 12 2008 welcome.conf
[root@apache-server html]#
7.创建身份验证的用户
--身份验证的说明
[root@localhost html]# vim index.html
hello my auth..test!
[root@apache-server html]# pwd
/var/www/html
[root@apache-server html]# vim .htaccess
authuserfile /var/www/html/.passwd
authtype basic
authname "please input your name add your passwd:"
require zhangsan,lisi,wangwu
#require valid-user
8.在.htaccess 同个web主目录建账号文件
[root@apache-server html]# htpasswd
-c Create a new file.
-n Don't update file; display results on stdout.
-m Force MD5 encryption of the password.
-d Force CRYPT encryption of the password (default).
-p Do not encrypt the password (plaintext).
-s Force SHA encryption of the password.
-b Use the password from the command line rather than prompting for it.
-D Delete the specified user.
[root@apache-server html]# htpasswd -c .passwd zhangsan
[root@apache-server html]# htpasswd .passwd lisi
[root@apache-server html]# cat .passwd
zhangsan:KeB.Yh7Tfn9dA
lisi:3GR28hIvQT/J.
--不是系统的账号,仅是apache内部站点的账号
9.实现身份验证测试
![](http://img1.51cto.com/attachment/201109/231216282.jpg)
23-1
![](http://img1.51cto.com/attachment/201109/231231245.jpg)
23-2
相关文章推荐
- linux-apache安装实现用户登录身份验证
- linux中安装apache和resin实现负载均衡
- linux下apache+mysql+php的rpm包安装实现phpwind
- Linux下Apache的简单安装并验证
- Linux ubuntu下安装配置apache,php,mysql并实现操作
- Linux 下实现 Apache服务器用户验证
- 在安装discuz!nt时,数据库用户登录失败的问题时,sql server 2008 数据库更改登录模式(sql server 2008 混合登陆中SqlServer身份验证用户名密码)
- 【随笔】mvc使用forms身份验证实现登陆
- Apache中实现身份验证和访问控制
- linux-发布个人站点实现身份验证
- Linux客户端(系统)使用LDAP实现身份验证
- 一个简单的学生登陆系统的jsp实现之登陆身份验证
- apache实现身份验证
- linux-发布个人站点和实现身份验证-022
- Asp.net 登陆页面的Ajax异步身份验证的实现
- linux下实现ssh无密码验证登陆
- Linux下实现SSH无密码验证登陆
- 一个简单的学生登陆系统的jsp实现之身份验证
- 个简单的学生登陆系统的jsp实现之登陆身份验证
- SQL 2005 安装成功后无法用windows身份验证登陆,错误18456