2018-05-29 (用户认证、域名跳转、Apache日志文件)

11.18Apache用户认证

vim/usr/local/apache2.4/conf/extra/httpd-vhosts.conf//把123.com那个虚拟主机编辑成如下内容
<VirtualHost*:80>
DocumentRoot"/data/wwwroot/www.123.com"
ServerNamewww.123.com
<Directory/data/wwwroot/www.123.com>//指定认证的目录
AllowOverrideAuthConfig//这个相当于打开认证的开关
AuthName"123.comuserauth"//自定义认证的名字，作用不大
AuthTypeBasic//认证的类型，一般为Basic，其他类型阿铭没用过
AuthUserFile/data/.htpasswd//指定密码文件所在位置
requirevalid-user//指定需要认证的用户为全部可用用户
</Directory>
</VirtualHost>
/usr/local/apache2.4/bin/htpasswd-c-m/data/.htpasswdaming
重新加载配置-t,graceful
绑定hosts，浏览器测试
curl-x127.0.0.1:80www.123.com//状态码为401
curl-x127.0.0.1:80-uaming:passwdwww.123.com//状态码为200

文件配置完后，发现没有需要认证

检查配置文件发现文件配置错误，应删掉红框中的"www"

检查结果：

[root@locher~]#curl-x127.0.0.1:80111.com <!DOCTYPEHTMLPUBLIC"-//IETF//DTDHTML2.0//EN"> <html><head> <title>401Unauthorized</title> </head><body> <h1>Unauthorized</h1> <p>Thisservercouldnotverifythatyou areauthorizedtoaccessthedocument requested.Eitheryousuppliedthewrong credentials(e.g.,badpassword),oryour browserdoesn\'tunderstandhowtosupply thecredentialsrequired.</p> </body></html> [root@locher~]#

[root@locher~]#curl-x127.0.0.1:80111.com-I HTTP/1.1401Unauthorized Date:Tue,29May201815:02:22GMT Server:Apache/2.4.29(Unix)PHP/5.6.30 WWW-Authenticate:Basicrealm="111.comuserauth" Content-Type:text/html;charset=iso-8859-1 [root@locher~]#

在curl中输入用户名密码(-u用户名:密码)：

[root@locher~]#curl-x127.0.0.1:80-uwang:1234111.com 111.com[root@locher~]#curl-x127.0.0.1:80-uwang:1234111.com-I HTTP/1.1200OK Date:Tue,29May201815:11:41GMT Server:Apache/2.4.29(Unix)PHP/5.6.30 X-Powered-By:PHP/5.6.30 Content-Type:text/html;charset=UTF-8 [root@locher~]#

针对文件的用户认证：

<VirtualHost*:80> DocumentRoot"/data/wwwroot/111.com" ServerName111.com ServerAliaswww.example.com #<Directory/data/wwwroot/111.com> <FilesMatch123.php> AllowOverrideAuthConfig AuthName"111.comuserauth" AuthTypeBasic AuthUserFile/data/.htpasswd requirevalid-user </FilesMatch> #</Directory> ErrorLog"logs/111.com-error_log" CustomLog"logs/111.com-access_log"common </VirtualHost>

效果如图：

11.19域名跳转

<IfModulemod_rewrite.c>//需要mod_rewrite模块支持
RewriteEngineon//打开rewrite功能
RewriteCond%{HTTP_HOST}!^www.123.com$//定义rewrite的条件，主机名（域名）不是www.123.com满足条件
RewriteRule^/(.*)$http://www.123.com/$1[R=301,L]//定义rewrite规则，当满足上面的条件时，这条规则才会执行
</IfModule>

打开/usr/local/apache2.4/conf/httpd.conf文件，删掉红框那行的"#"

结果如下图：

11.21Apache访问日志

访问日志记录用户的每一个请求
vim/usr/local/apache2.4/conf/httpd.conf//搜索LogFormat
LogFormat"%h%l%u%t"%r"%>s%b"%{Referer}i""%{User-Agent}i""combined
LogFormat"%h%l%u%t"%r"%>s%b"common
把虚拟主机配置文件改成如下：
<VirtualHost*:80>
DocumentRoot"/data/wwwroot/111.com"
ServerName111.com
ServerAliaswww.example.com2111.com.cn
#<Directory/data/wwwroot/111.com>
#<FilesMatch123.php>
#AllowOverrideAuthConfig
#AuthName"111.comuserauth"
#AuthTypeBasic
#AuthUserFile/data/.htpasswd
#requirevalid-user
#</FilesMatch>
#</Directory>
<IfModulemod_rewrite.c>
RewriteEngineon
RewriteCond%{HTTP_HOST}!^111.com$
RewriteRule^/(.*)$http://111.com/$1[R=301,L]
</IfModule>

ErrorLog"logs/111.com-error_log"
CustomLog"logs/111.com-access_log"combined
</VirtualHost>
重新加载配置文件-t,graceful
curl-x127.0.0.1:80-I123.com
tail/usr/local/apache2.4/logs/123.com-access_log

在Apache配置文件中找到这两行：

在虚拟主机配置文件中

将"common"改为"combined"

日志文件具体内容：