介绍 (Introduction)
This tutorial will walk you through password-protecting assets on an Apache web server running on Ubuntu 18.04. Completing these steps will provide your server with additional security so that unauthorized users cannot access certain parts of your page.
本教程将引导您逐步了解在Ubuntu 18.04上运行的Apache Web服务器上的密码保护资产。 完成这些步骤将为您的服务器提供额外的安全性,以便未经授权的用户无法访问页面的某些部分。
For a more detailed version of this tutorial, with more explanations of each step, please refer to How To Set Up Password Authentication with Apache on Ubuntu 18.04.
有关本教程的更详细版本,以及每个步骤的更多说明,请参考如何在Ubuntu 18.04上使用Apache设置密码认证 。
先决条件 (Prerequisites)
In order to complete this tutorial, you will need access to the following on an Ubuntu 18.04 server:
为了完成本教程,您将需要在Ubuntu 18.04服务器上访问以下内容:
A
sudouser on your server服务器上的
sudo用户An Apache2 web server
Apache2 Web服务器
A site secured with SSL
受SSL保护的网站
第1步-安装Apache Utilities软件包 (Step 1 — Install the Apache Utilities Package)
We’ll install a utility called htpasswd, part of the apache2-utils package to manage usernames and passwords with access to restricted content.
我们将安装一个名为htpasswd的实用程序,该实用程序是apache2-utils软件包的一部分,用于管理具有受限制内容访问权的用户名和密码。
- sudo apt update sudo apt更新
- sudo apt install apache2-utils sudo apt安装apache2-utils
第2步-创建密码文件 (Step 2 — Create the Password File)
We’ll create the first user as follows (replace `first_username with username of your choice):
我们将如下创建第一个用户(用您选择的用户名替换` first_username ):
sudo htpasswd -c /etc/apache2/.htpasswd first_username
须藤htpasswd -c /etc/apache2/.htpasswd first_username
You will be asked to supply and confirm a password for the user.
系统将要求您提供并确认用户密码。
Leave out the -c argument for any additional users you wish to add so you don’t overwrite the file:
对于要添加的其他任何用户,请省略-c参数,以免覆盖文件:
sudo htpasswd /etc/apache2/.htpasswd another_user
须藤htpasswd /etc/apache2/.htpasswd another_user
步骤3 —配置Apache密码身份验证 (Step 3 — Configure Apache Password Authentication)
In this step, we need to configure Apache to check this file before serving our protected content. We will do this by using the site’s virtual host file, but there is another option detailed in the longer tutorial if you don’t have access or prefer to use .htaccess files instead.
在此步骤中,我们需要配置Apache在提供受保护的内容之前检查该文件。 我们将通过使用站点的虚拟主机文件来执行此操作,但是如果您无权访问或更喜欢使用.htaccess文件,则在较长的教程中将详细介绍另一个选项。
Open up the virtual host file that you wish to add a restriction to with a text editor such as nano:
使用文本编辑器(例如nano)打开要添加限制的虚拟主机文件:
sudo nano /etc/apache2/sites-enabled/default-ssl.conf
须藤纳米/ etc / apache2 / sites-enabled / default-ssl.conf
Authentication is done on a per-directory basis. In our example, we’ll restrict the entire document root, but you can modify this listing to only target a specific directory within the web space.
身份验证是基于每个目录进行的。 在我们的示例中,我们将限制整个文档的根目录,但是您可以修改此列表,使其仅定位到Web空间中的特定目录。
In this step, add the following highlighted lines in your file:
在此步骤中,在文件中添加以下突出显示的行:
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory "/var/www/html">
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /etc/apache2/.htpasswd
Require valid-user
</Directory>
</VirtualHost>Check the configuration with the following command:
使用以下命令检查配置:
You can restart the server to implement your password policy, and then check the status of your server.
您可以重新启动服务器以实施密码策略,然后检查服务器的状态。
- sudo systemctl restart apache2 sudo systemctl重新启动apache2
- sudo systemctl status apache2 sudo systemctl状态apache2
步骤4 —确认密码身份验证 (Step 4 — Confirm Password Authentication)
To confirm that your content is protected, try to access your restricted content in a web browser. You should be presented with a username and password prompt:
要确认您的内容受到保护,请尝试在Web浏览器中访问受限制的内容。 您应该看到一个用户名和密码提示:
翻译自: https://www.digitalocean.com/community/tutorials/how-to-set-up-password-authentication-with-apache-on-ubuntu-18-04-quickstart
