....">
美文网首页
httpd常用配置:站点访问控制常见机制

httpd常用配置:站点访问控制常见机制

作者: Simon_Ye | 来源:发表于2020-02-21 16:09 被阅读0次

    站点访问控制常见机制

    可基于两种机制指明对哪些资源进行何种访问控制

    1. 文件系统路径:
      <Directory " ">
      ...
      </Directory>
      <File " ">
      ...
      </File>
      <FileMatch "PATTERN">
      ...
      </FileMatch>
      
    2. URL路径:
      <Location " ">
      ...
      </Location>
      <LocationMatch "PATTERN">
      ...
      </LocationMatch>
      

    <Directory>中“基于源地址”实现访问控制:

    1. Options
       后跟1个或多个以空白字符分隔的“选项”列表;
        Indexes:指明的URL路径下不存在与定义的主页面资源相符的资源文件时,返回索引列表给用户;
        FollowSymLinks:允许跟踪符号连接文件所指向的源文件;
        None:都不启用;
        All:除了MultiViews以外,都启用;
    2. AllowOverride
       与访问控制相关的哪些指令可以放在.htaccess文件(每个目录下都可以有一个)中;
        None:
        All:
    3. 主机访问权限:
      • 控制页面资源允许主机访问:
        • httpd-2.2:order和allow、deny

          <Directory " ">
            ...
            Order allow,deny
            Allow from all
            ...
          </Directory>
          

          order:定义生效次序;卸载后面的表示默认法则;
          Allow from,Deny from
            来源地址:
             IP
             NetAddr:
              172.16
              172.16.0.0
              172.16.0.0/16
              172.16.0.0/255.255.0.0

        • httpd-2.4

          <Directory " ">
            ...
            Require all granted
            ...
          </Directory>
          
          • 基于IP控制:
            <Directory " ">
              ...
              <RequireAll>
                Require ip IP.AD.DR.ESS
              </RequireAll>
              ...
            </Directory>
            
             Require ip IP地址或网络地址;
          • 基于主机名控制:
            <Directory " ">
              ...
              <RequireAll>
                Require host host.example.com
              </RequireAll>
              ...
            </Directory>
            
             Require host主机名或域名;

          注意:要放置于 <RequireAll> <RequireAny>配置块中;

      • 控制页面资源拒绝主机访问:
        • httpd-2.2

          <Directory " ">
            ...
            Order allow,deny
            Deny from all
            ...
          </Directory>
          
        • httpd-2.4

          <Directory " ">
            ...
            Require all denied
            ...
          </Directory>
          
          • 基于IP控制:
            <Directory " ">
              ...
              <RequireAll>
                Require not ip IP.AD.DR
              </RequireAll>
              ...
            </Directory>
            
             Require not ip IP地址或网络地址;
          • 基于主机名控制:
            <Directory " ">
              ...
              <RequireAll>
                Require not example.com
              </RequireAll>
              ...
            </Directory>
            
             Require not host主机名或域名;

          注意:要放置于 <RequireAll> <RequireAny>配置块中;

    相关文章

      网友评论

          本文标题:httpd常用配置:站点访问控制常见机制

          本文链接:https://www.haomeiwen.com/subject/chgcqhtx.html