Using Apache Using Apache under UNIX

xiaoxiao2021-03-05  20

User authentication is one of the very important technologies in network security, usually in order to limit illegal access to unauthorized users. In fact, the application is relatively simple. For example, I have a website, the domain name is: www.51ww.com, then my home page is allowed to access, but if my http://www.51ww.com/admin directory is my website Directory, I don't want others to visit, in order to prevent illegal landing and some SQL INJECTION and other attacks, then I can use the user to authenticate, others only open http://www.com/admin directory or any of the directory Files, you have to enter the login username and password to view the content under this directory, then you play a barrier role, which prevents some illegal landing. Simply talk about the reason, then we simply say how to implement this function in Apache. (The following platform is freebsd5.3 apache 2.0.52) We have to implement this feature, need two steps: 1. Creating a password table assumes that our apache is installed under / usr / local / apache2, then we do Operation: # cd / usr / local / apache2 / bin # ./htpasswd -c admin.txt admin_login // Create an admin.txt's password file, store the login password, and the user is admin_login then prompt You enter your password: new password: ******** RE-TYPE new password: ******* Adding password for user admin_login proves that the addition is successful, and stores the username and password to / usr / Local / apache2 / bin / admin.txt file, the default password is encrypted, I don't know if MD5 encryption or SHA encryption, anyway, is a non-reversible password. 2. Modify the httpd.conf file to modify the apache's configuration file httpd.conf file, to specify that files need to be accessed using the username and password, then we are adding below /usr/local/apache2/conf/httpd.conf Add the following : "Login User" AuthUserFile /usr/local/apache2/bin/admin.txt require user admin_login the above definition of Options MultiViews AllowOverride None AuthType Basic AuthName is that our Website root directory is below / usr / www, we need to authenticate the directory in / usr / www / admin, the password file that is applying to the certification is in /usr/local/apache2/bin/admin.txt, the user The name is admin_login, and the contents of the prompt are login user. After saving httpd.conf, restart Apache, then we now access http://www.51ww.com/admin will pop up the username and password dialog box.

Of course, the above user authentication is not so simple, but also more complicated applications, you can refer to other files, such as the following: http://5700.blogdriver.com/5700/113165.htmlhttp: //www.sd99 .com / image / xiaran / article / 81.htmlhttp: //www.5ilinux.com/apache03.htmlwrite by Heiyeluren 2005/04/08

转载请注明原文地址:https://www.9cbs.com/read-38379.html

New Post(0)