2023-02-25 464
以下实验使用三台虚拟机完成。
服务器端:PC1,192.168.10.10
客户机端:PC2,192.168.10.20
客户机端:PC3,192.168.10.30
1、PC1服务器端安装apache服务
[root@PC1 ~]# yum install httpd -y
Loaded plugins: langpacks, product-id, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Repodata is over 2 weeks old. Install yum-cron? Or run: yum makecache fast
rhel7 | 4.1 kB 00:00
Resolving Dependencies
--> Running transaction check
---> Package httpd.x86_64 0:2.4.6-17.el7 will be installed
--> Processing Dependency: httpd-tools = 2.4.6-17.el7 for package: httpd-2.4.6-17.el7.x86_64
--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-17.el7.x86_64
--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-17.el7.x86_64
--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-17.el7.x86_64
--> Running transaction check
---> Package apr.x86_64 0:1.4.8-3.el7 will be installed
---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed
---> Package httpd-tools.x86_64 0:2.4.6-17.el7 will be installed
---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
httpd x86_64 2.4.6-17.el7 rhel7 1.2 M
Installing for dependencies:
apr x86_64 1.4.8-3.el7 rhel7 103 k
apr-util x86_64 1.5.2-6.el7 rhel7 92 k
httpd-tools x86_64 2.4.6-17.el7 rhel7 77 k
mailcap noarch 2.1.41-2.el7 rhel7 31 k
Transaction Summary
================================================================================
Install 1 Package (+4 Dependent packages)
Total download size: 1.5 M
Installed size: 4.3 M
Downloading packages:
--------------------------------------------------------------------------------
Total 5.8 MB/s | 1.5 MB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : apr-1.4.8-3.el7.x86_64 1/5
Installing : apr-util-1.5.2-6.el7.x86_64 2/5
Installing : httpd-tools-2.4.6-17.el7.x86_64 3/5
Installing : mailcap-2.1.41-2.el7.noarch 4/5
Installing : httpd-2.4.6-17.el7.x86_64 5/5
rhel7/productid | 1.6 kB 00:00
Verifying : mailcap-2.1.41-2.el7.noarch 1/5
Verifying : httpd-tools-2.4.6-17.el7.x86_64 2/5
Verifying : apr-1.4.8-3.el7.x86_64 3/5
Verifying : apr-util-1.5.2-6.el7.x86_64 4/5
Verifying : httpd-2.4.6-17.el7.x86_64 5/5
Installed:
httpd.x86_64 0:2.4.6-17.el7
Dependency Installed:
apr.x86_64 0:1.4.8-3.el7 apr-util.x86_64 0:1.5.2-6.el7
httpd-tools.x86_64 0:2.4.6-17.el7 mailcap.noarch 0:2.1.41-2.el7
Complete!
2、PC1端创建测试网站数据目录及首页文件
[root@PC1 ~]# cd /var/www/html/
[root@PC1 html]# ls
[root@PC1 html]# mkdir server
[root@PC1 html]# cd server/
[root@PC1 server]# ls
[root@PC1 server]# echo "1111122222333333" > index.html
[root@PC1 server]# ls
index.html
[root@PC1 server]# cat index.html
1111122222333333
3、PC1端修改配置文件,设置访问控制策略
……
125 AllowOverride None
126 # Allow open access:
127 Require all granted
128 </Directory>
129 <Directory "/var/www/html/server">
130 Order allow,deny
131 Allow from 192.168.10.20 ## 此处设置只允许 192.168.10.20主机访问
132 </Directory>
133 # Further relax access to the default document root:
134 <Directory "/var/www/html">
……
4、PC1端重启apache服务
[root@PC1 server]# systemctl restart httpd
[root@PC1 server]# systemctl status httpd | head -n 5
httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled)
Active: active (running) since Fri 2020-12-18 00:37:17 CST; 3s ago
Process: 4053 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS)
Main PID: 4057 (httpd)
5、PC1服务器端清空防火墙策略
[root@PC1 server]# iptables -F
[root@PC1 server]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
6、PC1端测试效果(PC1端192.168.10.10不在允许主机中)
7、PC2端测试访问效果(PC2,192.168.10.20在允许主机名单中)
8、PC3端测试访问效果(PC3 192.168.10.30不在允许名单中)
9、PC1端修改访问控制配置文件
[root@PC1 server]# vim /etc/httpd/conf/httpd.conf
……
127 Require all granted
128 </Directory>
129 <Directory "/var/www/html/server">
130 Order allow,deny
131 Allow from 192.168.10.10 192.168.10.30
132 </Directory>
133 # Further relax access to the default document root:
134 <Directory "/var/www/html">
135 #
……
10、PC1端重启apache服务
[root@PC1 server]# systemctl restart httpd
[root@PC1 server]# systemctl status httpd | head -n 5
httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled)
Active: active (running) since Fri 2020-12-18 00:44:51 CST; 14s ago
Process: 4240 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS)
Main PID: 4244 (httpd)
11、PC1端测试访问效果(192.168.10.10在允许清单)
12、PC2测试访问效果(192.168.10.20不在允许清单)
13、PC3测试访问效果(192.168.10.30在允许清单)
以上实验实现了基于主机IP的apache访问控制。
原文链接:https://77isp.com/post/34319.html
=========================================
https://77isp.com/ 为 “云服务器技术网” 唯一官方服务平台,请勿相信其他任何渠道。
数据库技术 2022-03-28
网站技术 2022-11-26
网站技术 2023-01-07
网站技术 2022-11-17
Windows相关 2022-02-23
网站技术 2023-01-14
Windows相关 2022-02-16
Windows相关 2022-02-16
Linux相关 2022-02-27
数据库技术 2022-02-20
抠敌 2023年10月23日
嚼餐 2023年10月23日
男忌 2023年10月22日
瓮仆 2023年10月22日
簿偌 2023年10月22日
扫码二维码
获取最新动态
