CentOS´î½¨webЧÀÍÆ÷µÄȨÏÞÖÎÀíÓë»á¼û¿ØÖÆÕ½ÂÔ
centos´î½¨webЧÀÍÆ÷µÄȨÏÞÖÎÀíÓë»á¼û¿ØÖÆÕ½ÂÔ
Ëæ×Å»¥ÁªÍøµÄÉú³¤£¬webЧÀÍÆ÷ÔÚÆóÒµ»òСÎÒ˽È˵ÄÓ¦ÓÃÖÐÊÎÑÝ×ÅÔ½À´Ô½Ö÷ÒªµÄ½ÇÉ«¡£ÎªÁ˱£»¤Ð§ÀÍÆ÷µÄÇå¾²£¬ºÏÀíµÄȨÏÞÖÎÀíºÍ»á¼û¿ØÖÆÕ½ÂÔ±äµÃÖÁ¹ØÖ÷Òª¡£±¾ÎĽ«ÏÈÈÝÔõÑùÔÚCentOSϵͳÉϴwebЧÀÍÆ÷£¬²¢ÌṩһЩ´úÂëʾÀýÀ´Õ¹Ê¾È¨ÏÞÖÎÀíÓë»á¼û¿ØÖÆÕ½ÂÔµÄʵÑéÒªÁì¡£
Ò»¡¢×°ÖÃApache
ApacheÊÇÏÖÔÚʹÓÃ×îÆÕ±éµÄwebЧÀÍÆ÷Èí¼þÖ®Ò»¡£ÔÚCentOSÉÏ×°ÖÃApacheºÜÊǼòÆÓ£¬Ö»ÐèÒªÖ´ÐÐÒÔÏÂÏÂÁî¼´¿É£º
# ×°ÖÃApache sudo yum install httpd # Æô¶¯ApacheЧÀÍ sudo systemctl start httpd # ÉèÖÿª»ú×ÔÆô sudo systemctl enable httpd
µÇ¼ºó¸´ÖÆ
×°ÖÃÍê³Éºó£¬¿ÉÒÔͨ¹ýä¯ÀÀÆ÷»á¼ûЧÀÍÆ÷µÄIPµØµã£¬ÈôÊÇÄܹ»¿´µ½ApacheµÄĬÈÏÒ³Ã棬Ôò˵Ã÷×°ÖÃÀֳɡ£
¶þ¡¢È¨ÏÞÖÎÀí
¹ØÓÚwebЧÀÍÆ÷¶øÑÔ£¬È¨ÏÞÖÎÀíÊDZ£»¤Ð§ÀÍÆ÷Çå¾²µÄÖ÷ÒªÒ»»·¡£ÒÔÏÂÊǼ¸¸ö³£ÓõÄȨÏÞÖÎÀíÕ½ÂÔ£º
ÏÞÖÆÎļþϵͳµÄ»á¼ûȨÏÞ£ºÍ¨¹ýÐÞ¸ÄÎļþ»òĿ¼µÄȨÏÞÀ´ÏÞÖÆijЩÎļþ»òĿ¼µÄ»á¼ûȨÏÞ£¬È·±£Ö»ÓÐÊÚȨµÄÓû§¿ÉÒÔ»á¼û¡£
# ÐÞ¸ÄÎļþȨÏÞΪֻ¶Á chmod 444 file.txt # ÐÞ¸ÄĿ¼ȨÏÞ chmod 755 dir
µÇ¼ºó¸´ÖÆ
ÆôÓÃSELinux£ºSELinuxÊÇÒ»¸ö¶àÖØ»á¼û¿ØÖÆϵͳ£¬¿ÉÒÔ½øÒ»²½±£»¤Ð§ÀÍÆ÷µÄÇå¾²¡£¿ÉÒÔͨ¹ýÐÞ¸Ä/etc/selinux/configÎļþ½«SELinuxÉèÖÃΪenforcingģʽ¡£
# ±à¼ÉèÖÃÎļþ sudo vi /etc/selinux/config # ½«SELINUX¸ÄΪenforcing SELINUX=enforcing # ÖØÆôϵͳ sudo reboot
µÇ¼ºó¸´ÖÆ
ʹÓ÷À»ðǽ£ºCentOSĬÈÏ×°ÖÃÁËfirewalld·À»ðǽ£¬¿ÉÒÔʹÓÃfirewalldÉèÖùæÔòÀ´ÏÞÖÆÌض¨µÄIPµØµã»ò¶Ë¿ÚµÄ»á¼û¡£
# ¿ª·Å80¶Ë¿Ú£¨HTTP£© sudo firewall-cmd --zone=public --add-port=80/tcp --permanent # ÖØÆô·À»ðǽ sudo firewall-cmd --reload
µÇ¼ºó¸´ÖÆ
Èý¡¢»á¼û¿ØÖÆÕ½ÂÔ
³ýÁËȨÏÞÖÎÀíÍ⣬»á¼û¿ØÖÆÕ½ÂÔÒ²ÊDZ£»¤webЧÀÍÆ÷Çå¾²µÄÖ÷ÒªÊֶΡ£ÒÔÏÂÊǼ¸¸ö³£ÓõĻá¼û¿ØÖÆÕ½ÂÔ£º
ʹÓÃ.htaccessÎļþ£º.htaccessÎļþÊÇApacheÌṩµÄÒ»ÖÖÉèÖÃÎļþ£¬¿ÉÒÔͨ¹ýÔÚÍøÕ¾¸ùĿ¼Ï½¨Éè¸ÃÎļþ£¬²¢ÉèÖÃÏìÓ¦µÄ¹æÔòÀ´¿ØÖÆ»á¼û¡£
# ½¨Éè.htaccessÎļþ sudo vi /var/www/html/.htaccess # ʾÀý£ºÕ¥È¡»á¼ûijЩÎļþ <Files "secret.txt"> Deny from all </Files>
µÇ¼ºó¸´ÖÆ
ʹÓûùÓÚIPµØµãµÄ»á¼û¿ØÖÆ£º¿ÉÒÔͨ¹ýÔÚApacheµÄÉèÖÃÎļþÖÐÉèÖÃAllowºÍDenyÖ¸ÁÀ´ÔÊÐí»òեȡÌض¨µÄIPµØµã»á¼ûÍøÕ¾¡£
# ±à¼ApacheÖ÷ÉèÖÃÎļþ sudo vi /etc/httpd/conf/httpd.conf # ÔÚÊʵ±µÄλÖÃÌí¼ÓÒÔÏÂÄÚÈÝ£¬ÔÊÐíÌض¨IPµØµã»á¼û <Directory "/var/www/html"> Order allow,deny Allow from 192.168.1.100 </Directory>
µÇ¼ºó¸´ÖÆ
ʹÓÃÈÏÖ¤ºÍÊÚȨ£º¿ÉÒÔʹÓÃApacheÌṩµÄÄ£¿é£¬Èçmod_auth_basicºÍmod_authz_coreÀ´ÊµÏÖ»ùÓÚÓû§ÃûºÍÃÜÂëµÄÈÏÖ¤ºÍÊÚȨ¹¦Ð§¡£
# ×°ÖÃÈÏÖ¤ºÍÊÚȨģ¿é sudo yum install httpd-tools # ½¨ÉèÃÜÂëÎļþ sudo htpasswd -c /etc/httpd/passwords admin # ±à¼ApacheÉèÖÃÎļþ sudo vi /etc/httpd/conf/httpd.conf # Ìí¼ÓÒÔÏÂÄÚÈÝ£¬ÒªÇóÓû§µÇ¼²Å»ª»á¼û <Directory "/var/www/html"> AuthType Basic AuthName "Restricted Content" AuthUserFile /etc/httpd/passwords Require valid-user </Directory>
µÇ¼ºó¸´ÖÆ
ËÄ¡¢×ܽá
±¾ÎÄÏÈÈÝÁËÔÚCentOSϵͳÉϴwebЧÀÍÆ÷µÄȨÏÞÖÎÀíÓë»á¼û¿ØÖÆÕ½ÂÔ¡£Í¨¹ýºÏÀíµÄȨÏÞÖÎÀíºÍ»á¼û¿ØÖÆ£¬¿ÉÒÔÓÐÓõر£»¤webЧÀÍÆ÷µÄÇå¾²¡£ÔÚÏÖʵӦÓÃÖУ¬»¹¿ÉÒÔƾ֤ÏêϸÐèÇó¾ÙÐнøÒ»²½µÄÉèÖúÍÓÅ»¯¡£Ï£Íû±¾ÎĶÔÄúÓÐËù×ÊÖú£¡
ÒÔÉϾÍÊÇCentOS´î½¨webЧÀÍÆ÷µÄȨÏÞÖÎÀíÓë»á¼û¿ØÖÆÕ½ÂÔµÄÏêϸÄÚÈÝ£¬¸ü¶àÇë¹Ø×¢±¾ÍøÄÚÆäËüÏà¹ØÎÄÕ£¡