本文索引:
- Apache用户认证
- 针对目录
- 针对单个文件
- 设置域名跳转
- 基本知识介绍
- 如何配置
- Apache访问日志
apache用户认证
针对目录
先确保主配置文件内开启了虚拟主机服务
[root@localhost ~]# vim /usr/local/apache2.4/conf/httpd.conf
# Virtual hosts
# Include conf/extra/httpd-vhosts.conf
删除Include行首的#,保存退出
编辑虚拟主机配置文件
[root@localhost ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf //把111.com那个虚拟主机编辑成如下内容 <VirtualHost *:80> # 指定网页文件存储的根目录 DocumentRoot "/data/wwwroot/111.com" # 指定服务器的主机名 ServerName www.111.com
# 指定服务器的别名 ServerAlias www.example.com # 指定认证的目录 <Directory /data/wwwroot/111.com> # 这个相当于打开认证的开关 AllowOverride AuthConfig # 自定义认证的名字,作用不大 AuthName "111.com user auth" # 认证的类型,一般为Basic AuthType Basic # 指定密码文件所在位置 AuthUserFile /data/.htpasswd
# 指定需要认证的用户为全部可用用户 require valid-user # 指定错误日志 ErrorLog "logs/111.com-error_log" # 指定错误日志记录级别 CustomLog "logs/111.com-access_log" common用户加密 -c 创建 -m md5加密
[root@localhost ~]# /usr/local/apache2.4/bin/htpasswd -c -m /data/.htpasswd castiel
这里我简单设为了1
New password: Re-type new password: Adding password for user castiel、
[root@localhost ~]# cat /data/.htpasswd castiel:$apr1$iqyfAY.M$zJ12wj68C6BDDIpe41sWQ1
验证
访问时报401,需要认证
[root@localhost ~]# curl -x 192.168.65.133:80 www.example.com
401 Unauthorized Unauthorized
This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.
输入账户密码成功访问,状态码转为200
[root@localhost ~]# curl -x 192.168.65.133:80 -ucastiel:1 www.example.com 111.com
[root@localhost ~]# curl -x 192.168.65.133:80 -ucastiel:1 www.example.com -I HTTP/1.1 200 OK Date: Wed, 15 Nov 2017 12:58:50 GMT Server: Apache/2.4.28 (Unix) PHP/5.6.30 X-Powered-By: PHP/5.6.30 Content-Type: text/html; charset=UTF-8
针对单个文件的用户认证
同样的需要使用htpasswd创建用户密码文件
修改虚拟主机配置文件
<VirtualHost *:80> DocumentRoot "/data/wwwroot/111.com" ServerName 111.com ServerAlias www.example.com # 注释掉原先配置认证的目录 # <Directory /data/wwwroot/111.com> # 指定特定的文件123.php <FilesMatch 123.php>
AllowOverride AuthConfig AuthName "111.com user auth" AuthType Basic AuthUserFile /data/.htpasswd require valid-user # ErrorLog "logs/111.com-error_log" CustomLog "logs/111.com-access_log" common验证
访问其他网页无需账户密码即可正常登陆
[root@localhost ~]# curl -x 192.168.65.133:80 www.example.com 111.com [root@localhost ~]# curl -x 192.168.65.133:80 www.example.com -I HTTP/1.1 200 OK Date: Wed, 15 Nov 2017 13:01:54 GMT Server: Apache/2.4.28 (Unix) PHP/5.6.30 X-Powered-By: PHP/5.6.30 Content-Type: text/html; charset=UTF-8
访问特定的123.php文件时需要认证
[root@localhost ~]# curl -x 192.168.65.133:80 -ucastiel:1 111.com/123.php 123.php [root@localhost ~]# curl -x 192.168.65.133:80 111.com/123.php
401 Unauthorized Unauthorized
This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.
域名跳转(域名重定向)
基本知识介绍
可以通过域名来访问网站,当一个网站的域名更改后,通过对老域名设置域名跳转功能后,将用户跳转到新网址。例如在访问www.123.com时,对于设置了域名跳转的网址,浏览器将自动跳转到新网址www.abc.com。
网站的SEO:搜索引擎会将网络中的域名、网址进行记录,用户通过搜索引擎搜索网址,搜索引擎将以权重从高到低顺序显示,方便用户使用。如果不进行域名跳转,老域名的权重将一直比新域名高,导致无法找到新域名网址。可以通过设置新域名的状态码为301,来降低域名的权重。
如何配置
先在主配置文件内开启rewrite模块
[root@localhost ~]# vim /usr/local/apache/conf/httpd.conf
将“#LoadModule rewrite_module modules/mod_rewrite.so”开头的#去掉后保存退出
修改虚拟主机配置文件
[root@localhost ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
...
</VirtualHost>
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
ServerAlias www.example.com
<IfModule mod_rewrite.c>
RewriteEngine on
#定义rewrite的条件,主机名(域名)不是111.com的才满足
RewriteCond %{HTTP_HOST} !^111.com$
# 定义rewrite规则:当满足条件时,设置跳转规则,并定义状态;
# ^/即DocumentRoot,为该默认虚拟主机的根路径
# $1代替前面匹配的内容
# 状态码为301(永久重定向),L表示跳转结束
RewriteRule ^/(.*)$ http://111.com/$1 [r=301,L]
</IfModule>
ErrorLog "logs/111.com-error_log"
CustomLog "logs/111.com-access_log" common
</VirtualHost>
修改完成检验后重新加载
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl -M | grep rewrite
rewrite_module (shared)
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl graceful
测试,检验是否跳转
[root@localhost ~]# curl -x 127.0.0.1:80 111.com -I
HTTP/1.1 301 Moved Permanently
Date: Mon, 20 Nov 2017 11:45:49 GMT
Server: Apache/2.4.28 (Unix) PHP/5.6.30
Location: http://www.111.com/
Content-Type: text/html; charset=iso-8859-1
关于状态码
# 200 允许访问
# 403 禁止访问 配置文件中设置Require all denied
# 404 找不到网页
# 301 永久重定向
访问日志
访问日志记录了用户的每一个请求
默认的访问日志
logs目录下存储的访问日志
[root@localhost ~]# ls /usr/local/apache2.4/logs/ 111.com-access_log abc.com-access_log access_log httpd.pid 111.com-error_log abc.com-error_log error_log
简单记录了访问的ip、时间、位置、状态码等信息
[root@localhost ~]# cat /usr/local/apache2.4/logs/111.com-access_log 192.168.65.133 - - [20/Nov/2017:19:25:48 +0800] "GET HTTP://111.com/ HTTP/1.1" 200 7 127.0.0.1 - - [20/Nov/2017:19:44:37 +0800] "GET HTTP://www.example.com/ HTTP/1.1" 301 227 127.0.0.1 - - [20/Nov/2017:19:45:09 +0800] "GET HTTP://111.com/ HTTP/1.1" 301 227 127.0.0.1 - - [20/Nov/2017:19:45:49 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 301 - 127.0.0.1 - - [20/Nov/2017:19:46:39 +0800] "HEAD HTTP://111.com/index.html HTTP/1.1" 301 - 127.0.0.1 - - [20/Nov/2017:19:46:53 +0800] "HEAD HTTP://111.com/index.php HTTP/1.1" 301 - 127.0.0.1 - - [20/Nov/2017:19:50:14 +0800] "HEAD HTTP://111.com/index.php HTTP/1.1" 301 -
访问日志格式
默认使用common那条格式记录日志
[root@localhost ~]# grep -n "LogFormat" /usr/local/apache2.4/conf/httpd.conf 284: LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined 285: LogFormat "%h %l %u %t "%r" %>s %b" common 289: LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i" %I %O" combinedio
Referer表示网页跳转前所在的网址。
修改日志格式
[root@localhost ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf <VirtualHost :80> DocumentRoot "/data/wwwroot/111.com" ServerName 111.com ServerAlias www.example.com
RewriteEngine on RewriteCond %{HTTP_HOST} !^111.com$ RewriteRule ^/(. )$ http://111.com/$1 [r=301,L] ErrorLog "logs/111.com-error_log" # 上述的代码都没有变化 # 修改common为combined,这个是httpf.conf内设置的FormatLog CustomLog "logs/111.com-access_log" combined
重启服务
[root@localhost logs]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost logs]# /usr/local/apache2.4/bin/apachectl graceful
验证效果
[root@localhost logs]# curl -x 192.168.65.133:80 111.com -I
HTTP/1.1 200 OK
Date: Mon, 20 Nov 2017 12:46:25 GMT
Server: Apache/2.4.28 (Unix) PHP/5.6.30
X-Powered-By: PHP/5.6.30
Content-Type: text/html; charset=UTF-8
# 查看日志格式是否变化
[root@localhost logs]# cat /usr/local/apache2.4/logs/111.com-access_log
...
192.168.65.133 - - [20/Nov/2017:20:46:25 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 200 - "-"