您好,登錄后才能下訂單哦!
KeepAlive
KeepAlive' Timeout
作用
使用Require
配置項(xiàng)實(shí)現(xiàn)訪問控制,按先后順序限制
可用于<Location>、<Directory>、<Files>、 <Limit>
配置段中
Require
配置項(xiàng)的常見語法Require all granted
Require all denied
Require local
Require [not] host <主機(jī)名或域名列表>
//使用not禁止訪問時(shí)要將其置于<RequireAll> </RequireAll>容器中并在容器中指定相應(yīng)的限制策略
Require [not] ip <IP地址或網(wǎng)段列表>
在Linux
系統(tǒng)中安裝DNS、HTTP
服務(wù),并設(shè)置DNS
服務(wù)。
[root@localhost ~]# yum install bind httpd -y //安裝服務(wù)
已加載插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
...//省略部分內(nèi)容...
已安裝:
bind.x86_64 32:9.11.4-9.P2.el7 httpd.x86_64 0:2.4.6-90.el7.centos
...//省略部分內(nèi)容...
完畢!
[root@localhost conf]# vim /etc/named.conf //編輯DNS配置文件
...//省略部分內(nèi)容...
options {
listen-on port 53 { any; }; //更改IP地址為any
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
recursing-file "/var/named/data/named.recursing";
secroots-file "/var/named/data/named.secroots";
allow-query { any; }; //更改監(jiān)聽主機(jī)為any
...//省略部分內(nèi)容...
:wq
[root@localhost conf]# vim /etc/named.rfc1912.zones //編輯區(qū)域配置文件
...//省略部分內(nèi)容...
zone "kgc.com" IN { //更改域名
type master;
file "kgc.com.zone"; //更改區(qū)域數(shù)據(jù)文件名
allow-update { none; };
};
...//省略部分內(nèi)容...
:wq
[root@localhost conf]# cd /var/named/ //進(jìn)入?yún)^(qū)域數(shù)據(jù)文件目錄
[root@localhost named]# ls //查看目錄
data dynamic named.ca named.empty named.localhost named.loopback slaves
[root@localhost named]# cp -p named.localhost kgc.com.zone //復(fù)制區(qū)域數(shù)據(jù)文件
[root@localhost named]# vim kgc.com.zone //進(jìn)入編輯文件
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS @
A 127.0.0.1
www IN A 192.168.144.133 //設(shè)置域名解析
:wq //保存退出
開啟兩臺(tái)win 10客戶機(jī),并查看客戶機(jī)IP地址
在Linux系統(tǒng)中進(jìn)入http服務(wù)站點(diǎn)目錄,編輯主頁內(nèi)容,并開啟DNS、HTTP服務(wù),關(guān)閉防火墻及增強(qiáng)性安全功能
[root@localhost named]# cd /var/www/html/ //進(jìn)入http服務(wù)站點(diǎn)目錄
[root@localhost html]# vim index.html //編輯默認(rèn)主頁
<h2>this is kgc web</h2> //編輯內(nèi)容
:wq
[root@localhost html]# ls //查看
index.html
[root@localhost html]# cat index.html //查看網(wǎng)頁內(nèi)容
<h2>this is kgc web</h2>
[root@localhost html]# systemctl start httpd.service //啟動(dòng)http服務(wù)
[root@localhost html]# systemctl start named //啟動(dòng)DNS服務(wù)
[root@localhost html]# systemctl stop firewalld.service //關(guān)閉防火墻
[root@localhost html]# setenforce 0 //關(guān)閉增強(qiáng)性安全功能
使用兩臺(tái)win 10客戶機(jī)分別訪問往網(wǎng)站信息,看服務(wù)是否正常提供
在Linux系統(tǒng)中配置HTTP服務(wù)配置文件,設(shè)置客戶機(jī)訪問權(quán)限
[root@localhost html]# vim /etc/httpd/conf/httpd.conf
//編輯主配置文件內(nèi)容(現(xiàn)網(wǎng)中不建議直接修改主配置文件內(nèi)容,可以重新添加子配置文件進(jìn)行限制)
...//省略部分內(nèi)容...
<Directory "/var/www/html">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None
#
# Controls who can get stuff from this server.
#
<RequireALL> //在此容器下添加子容器
Require not ip 192.168.144.128
//添加限制訪問主機(jī)的IP地址(如若限制網(wǎng)段直接添加192.168.144.0/24即可,注意限制網(wǎng)段需填寫子網(wǎng)掩碼)
Require all granted
</RequireALL>
</Directory>
...//省略部分內(nèi)容...
:wq
[root@localhost html]# systemctl restart httpd.service
查看限制的第一臺(tái)win 10客戶端是否還可以訪問網(wǎng)站
創(chuàng)建用戶認(rèn)證數(shù)據(jù)庫
[root@localhost html]# htpasswd -c /etc/httpd/conf/pwd test01
//創(chuàng)建用戶認(rèn)證數(shù)據(jù)庫(-c為創(chuàng)建,如果已經(jīng)存在數(shù)據(jù)認(rèn)證文件可以不用-c,直接就可以使用命令添加進(jìn)認(rèn)證文件中)
New password: //輸入設(shè)置的密碼
Re-type new password: //再次輸入密碼
Adding password for user test01 //成功創(chuàng)建
[root@localhost html]# cd /etc/httpd/conf //進(jìn)入目錄
[root@localhost conf]# ls //查看
httpd.conf magic pwd //成功創(chuàng)建文件
[root@localhost conf]# cat pwd //查看文件內(nèi)容
test01:$apr1$zDZ/54yz$rUCXaWixaltHE6ZBvjv0h/ //創(chuàng)建的用戶及密碼
添加用戶授權(quán)配置
[root@localhost conf]# vim httpd.conf
...//省略部分內(nèi)容...
<Directory "/var/www/html">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None
#
# Controls who can get stuff from this server.
#
AuthName "DocumentRoot" //更改上面的訪問控制條目,此條目聲明驗(yàn)證信息
AuthType Basic //驗(yàn)證類型為基本驗(yàn)證
AuthUserFile /etc/httpd/conf/pwd //驗(yàn)證文件路徑
Require valid-user //設(shè)置為授權(quán)用戶驗(yàn)證
</Directory>
...//省略部分內(nèi)容...
:wq //保存退出
[root@localhost conf]# systemctl restart httpd.service //重新啟動(dòng)服務(wù)
在客戶機(jī)中驗(yàn)證配置
免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點(diǎn)不代表本網(wǎng)站立場,如果涉及侵權(quán)請(qǐng)聯(lián)系站長郵箱:is@yisu.com進(jìn)行舉報(bào),并提供相關(guān)證據(jù),一經(jīng)查實(shí),將立刻刪除涉嫌侵權(quán)內(nèi)容。