11月15日任务

11.18 Apache用户认证

11.19/11.20 域名跳转

11.21 Apache访问日志

 

11.18 Apache用户认证

• vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf //把123.com那个虚拟主机编辑成如下内容
• <VirtualHost *:80>
•     DocumentRoot "/data/wwwroot/www.123.com"
•     ServerName www.123.com
•     <Directory /data/wwwroot/www.123.com> //指定认证的目录
•         AllowOverride AuthConfig //这个相当于打开认证的开关
•         AuthName "123.com user auth" //自定义认证的名字，作用不大
•         AuthType Basic //认证的类型，一般为Basic，其他类型阿铭没用过
•         AuthUserFile /data/.htpasswd  //指定密码文件所在位置
•         require valid-user //指定需要认证的用户为全部可用用户
•     </Directory>
• </VirtualHost>
•  /usr/local/apache2.4/bin/htpasswd -cm /data/.htpasswd aming 
•  重新加载配置-t , graceful
•  绑定hosts，浏览器测试
•  curl -x127.0.0.1:80 www.123.com //状态码为401
•  curl -x127.0.0.1:80 -uaming:passwd www.123.com //状态码为200

 

[root@zgxlinux-01 ~]# vim /usr/local/apache2.4.37/conf/extra/httpd-vhosts.conf 

[root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/htpasswd -c -m /data/.htppasswd zhangguoxiang     #-c 创建    -m 表示md5加密

[root@zgxlinux-01 ~]# cat /data/.htppasswd 

zhangguoxiang:$apr1$RKbRex0f$R0QtyiT0EuEsfJmxwSwhl0 [root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/htpasswd -m /data/.htppasswd zhangsan        #这时候不需要指定-c 因为这个文件已经创建过 New password:  Re-type new password:  Adding password for user zhangsan [root@zgxlinux-01 ~]# cat /data/.htppasswd  zhangguoxiang:$apr1$RKbRex0f$R0QtyiT0EuEsfJmxwSwhl0 zhangsan:$apr1$q/7YWXFI$OQJYI5OfO8in3KdDYi.Eo1 [root@zgxlinux-01 ~]#  /usr/local/apache2.4.37/bin/apachectl -t Syntax OK [root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/apachectl graceful [root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/apachectl graceful [root@zgxlinux-01 ~]# curl -x127.0.0.1:80 111.com <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>401 Unauthorized</title> </head><body> <h1>Unauthorized</h1> <p>This server could not verify that you are authorized to access the document requested.  Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.</p> </body></html>

 

#针对单文件操作

• 还可以针对单个文件进行认证
• <VirtualHost *:80>
•     DocumentRoot "/data/wwwroot/www.123.com"
•     ServerName www.123.com
•     <FilesMatch admin.php>
•         AllowOverride AuthConfig
•         AuthName "123.com user auth"
•         AuthType Basic
•         AuthUserFile /data/.htpasswd
•         require valid-user
•     </FilesMatch>
• </VirtualHost>

#创建一个123pho

[root@zgxlinux-01 ~]# vim /data/wwwroot/111.com/123.php

 

11.19 、域名跳转

• 需求，把123.com域名跳转到www.123.com，配置如下：
• <VirtualHost *:80>
•     DocumentRoot "/data/wwwroot/www.123.com"
•     ServerName www.123.com
•     ServerAlias 123.com
•     <IfModule mod_rewrite.c> //需要mod_rewrite模块支持
•         RewriteEngine on  //打开rewrite功能
•         RewriteCond %{HTTP_HOST} !^www.123.com$  //定义rewrite的条件，主机名（域名）不是www.123.com满足条件
•         RewriteRule ^/(.*)$ http://www.123.com/$1 [R=301,L] //定义rewrite规则，当满足上面的条件时，这条规则才会执行
• </IfModule>
• </VirtualHost> 
•  /usr/local/apache2/bin/apachectl -M|grep -i rewrite //若无该模块，需要编辑配置文件httpd.conf，删除rewrite_module (shared) 前面的#
•  curl -x127.0.0.1:80 -I 123.com //状态码为301

#编辑配置文件 /usr/local/apache2.4.37/conf/extra/httpd-vhosts.conf   ，301表示永久跳转

[root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/apachectl -t

Syntax OK [root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/apachectl graceful

[root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/apachectl -M |grep rewrite

[root@zgxlinux-01 ~]# vim /usr/local/apache2.4.37/conf/httpd.conf   #修改配置文件，注释这一行，加载module模块。

[root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/apachectl -M |grep rewrite

 rewrite_module (shared)

[root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/apachectl -t

Syntax OK [root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/apachectl graceful [root@zgxlinux-01 ~]# curl -x192.168.56.128:80 2111.com.cn -I     #-I表示不显示结果而显示状态码 HTTP/1.1 301 Moved Permanently Date: Sat, 17 Nov 2018 09:43:04 GMT Server: Apache/2.4.37 (Unix) PHP/5.6.32 Location: http://www.111.com/ Content-Type: text/html; charset=iso-8859-1

[root@zgxlinux-01 ~]# curl -x192.168.56.128:80 2111.com.cn 

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://www.111.com/">here</a>.</p> </body></html>

 

11.21 、Apache访问日志

• 访问日志记录用户的每一个请求
• vim /usr/local/apache2.4/conf/httpd.conf //搜索LogFormat

        LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

        LogFormat "%h %l %u %t \"%r\" %>s %b" common 

•  把虚拟主机配置文件改成如下： 

         <VirtualHost *:80>

         DocumentRoot "/data/wwwroot/www.123.com"

         ServerName www.123.com

         ServerAlias 123.com

        CustomLog "logs/123.com-access_log" combined

       </VirtualHost>

•  重新加载配置文件 -t,graceful
•  curl -x127.0.0.1:80 -I 123.com 
•  tail /usr/local/apache2.4/logs/123.com-access_lo

 

[root@zgxlinux-01 ~]# ls /usr/local/apache2.4.37/logs/

111.com-access_log  abc.com-access_log  access_log  httpd.pid 111.com-error_log   abc.com-error_log   error_log

[root@zgxlinux-01 ~]# vim /usr/local/apache2.4.37/conf/httpd.conf

[root@zgxlinux-01 ~]# vim /usr/local/apache2.4.37/conf/extra/httpd-vhosts.conf