ÔõÑùʹÓÃNginxʵÏÖ»ùÓÚÓû§ÈÏÖ¤µÄ»á¼û¿ØÖÆ
ÔõÑùʹÓÃnginxʵÏÖ»ùÓÚÓû§ÈÏÖ¤µÄ»á¼û¿ØÖÆ
NginxÊÇÒ»¸ö¸ßÐÔÄܵÄHTTPºÍ·´ÏòÊðÀíЧÀÍÆ÷£¬ËüÆÕ±éÓÃÓÚ¹¹½¨¿ÉÀ©Õ¹µÄWebÓ¦ÓóÌÐòºÍЧÀÍ¡£³ýÁËÆ侫²ÊµÄÐÔÄÜÖ®Í⣬Nginx»¹ÌṩÁËÐí¶à¹¦Ð§£¬ÆäÖÐÖ®Ò»¾ÍÊÇ»ùÓÚÓû§ÈÏÖ¤µÄ»á¼û¿ØÖÆ¡£ÔÚ±¾ÎÄÖУ¬ÎÒÃǽ«Ñ§Ï°ÔõÑùʹÓÃNginxʵÏÖÕâÖÖ»á¼û¿ØÖÆ£¬²¢ÌṩһЩ´úÂëʾÀý¡£
×°ÖÃNginx
Ê×ÏÈ£¬ÎÒÃÇÐèҪװÖÃNginx¡£Äã¿ÉÒÔÔÚ¹Ù·½ÍøÕ¾(https://nginx.org/)ÉÏÕÒµ½ÊʺÏÄãµÄ²Ù×÷ϵͳµÄ×°ÖÃ˵Ã÷¡£×°ÖÃÍê³Éºó£¬ÇëÈ·±£NginxÒÑÀÖ³ÉÆô¶¯¡£Äã¿ÉÒÔʹÓÃÒÔÏÂÏÂÁî¼ì²éNginx״̬£º
sudo systemctl status nginx
µÇ¼ºó¸´ÖÆ
½¨ÉèÓû§ÃÜÂëÎļþ
NginxʹÓÃÒ»¸öÃÜÂëÎļþÀ´´æ´¢Óû§µÄƾ֤¡£ÎÒÃÇ¿ÉÒÔʹÓÃhtpasswd¹¤¾ßÀ´½¨ÉèÕâ¸öÎļþ¡£ÈôÊÇÄãµÄϵͳÉÏûÓÐ×°ÖÃhtpasswd£¬Äã¿ÉÒÔʹÓÃÒÔÏÂÏÂÁîÀ´×°ÖÃËü£º
sudo apt-get install apache2-utils
µÇ¼ºó¸´ÖÆ
½ÓÏÂÀ´£¬Ê¹ÓÃhtpasswdÏÂÁÉèÒ»¸öÃÜÂëÎļþ£¬²¢Ìí¼ÓһЩÓû§¡£ÀýÈ磬ÎÒÃǽ«½¨ÉèÒ»¸öÃûΪ.htpasswdµÄÃÜÂëÎļþ£¬²¢Ìí¼ÓÒ»¸öÃûΪuserµÄÓû§¡£ÔÚÖÕ¶ËÖмüÈëÒÔÏÂÏÂÁ
sudo htpasswd -c /etc/nginx/.htpasswd user
µÇ¼ºó¸´ÖÆ
ÏÂÁÌáÐÑÄãÊäÈëÓû§µÄÃÜÂë¡£Çë¼Ç×Å£¬Ã¿¸öÓû§¶¼ÐèÒª×Ô¼ºµÄÃÜÂë¡£
ÉèÖÃNginx
ÏÖÔÚÎÒÃÇÐèÒªÉèÖÃNginxÒÔÆôÓûùÓÚÓû§ÈÏÖ¤µÄ»á¼û¿ØÖÆ¡£ÎÒÃÇδÀ´×Ôδ¾ÊÚȨÓû§µÄÇëÇóÖض¨Ïòµ½401 UnauthorizedÒ³Ãæ¡£·¿ªNginxÉèÖÃÎļþ²¢×ö³öÒÔϸü¸Ä¡£
sudo nano /etc/nginx/sites-available/default
µÇ¼ºó¸´ÖÆ
ÔÚserver¿éÖУ¬Ìí¼ÓÒÔÏ´úÂ룺
location / { auth_basic "Restricted Content"; auth_basic_user_file /etc/nginx/.htpasswd; try_files $uri $uri/ =404; }
µÇ¼ºó¸´ÖÆ
ÉúÑIJ¢¹Ø±ÕÎļþºó£¬ÖØмÓÔØNginxÉèÖãº
sudo systemctl reload nginx
µÇ¼ºó¸´ÖÆ
²âÊÔ»á¼û¿ØÖÆ
ÏÖÔÚ£¬ÄãÒѾÉèÖÃÁË»ùÓÚÓû§ÈÏÖ¤µÄ»á¼û¿ØÖÆ¡£Äã¿ÉÒÔʹÓÃÈκÎÖ§³ÖHTTP»ù±¾ÈÏÖ¤µÄä¯ÀÀÆ÷²âÊÔËü¡£µ±ÄãʵÑé»á¼ûÊܱ£»¤µÄÒ³Ãæʱ£¬ä¯ÀÀÆ÷½«ÌáÐÑÄãÊäÈëƾ֤¡£
ÈôÊÇÄãʹÓõÄÊÇChromeä¯ÀÀÆ÷£¬Ëü½«ÏÔʾһ¸öµ¯³ö´°¿Ú£¬ÒªÇóÄãÊäÈëÓû§ÃûºÍÃÜÂë¡£
ÈôÊÇÄãʹÓõÄÊÇÆäËûä¯ÀÀÆ÷£¬Ëü¿ÉÄܻὫƾ֤µÄÊäÈë×Ö¶ÎÏÔʾΪһ¸ö±íµ¥¡£ÎÞÂÛÄãʹÓÃÄÄÖÖä¯ÀÀÆ÷£¬Ä㶼Ӧ¸ÃÄܹ»ÀÖ³ÉÑéÖ¤Óû§²¢»á¼ûÊܱ£»¤µÄÒ³Ãæ¡£
¸ß¼¶ÉèÖÃÑ¡Ïî
Nginx»¹ÌṩÁËһЩ¸ß¼¶ÉèÖÃÑ¡ÏÒÔʵÏÖ¸üÖØ´óµÄ»á¼û¿ØÖÆ¡£ÀýÈ磬Äã¿ÉÒÔÔÚÖ¸¶¨µÄURL·¾¶ÉÏÆôÓûò½ûÓÃÓû§ÈÏÖ¤¡£Äã¿ÉÒÔʹÓÃÏÞÖÆ»á¼ûÖ¸ÁîÀ´ÊµÏÖÕâÒ»µã¡£ÏÂÃæÊÇÒ»¸öʾÀýÉèÖãº
location /admin { auth_basic "Restricted Content"; auth_basic_user_file /etc/nginx/.htpasswd; allow 192.168.1.0/24; deny all; }
µÇ¼ºó¸´ÖÆ
Õâ¸öÉèÖý«Ö»ÔÊÐíÀ´×Ô192.168.1.0/24×ÓÍøµÄIPµØµã»á¼û/admin·¾¶ÏµÄÄÚÈÝ£¬¶øÆäËûIP½«±»¾Ü¾ø»á¼û¡£
³ýÁËʹÓûù±¾ÈÏÖ¤£¬Nginx»¹Ö§³ÖʹÓÃSSLÖ¤ÊéºÍOAuthµÈÆäËûÉí·ÝÑéÖ¤·½·¨À´ÊµÏÖ»á¼û¿ØÖÆ¡£
½áÂÛ
ʹÓÃNginx¿ÉÒÔÇáËÉʵÏÖ»ùÓÚÓû§ÈÏÖ¤µÄ»á¼û¿ØÖÆ£¬´Ó¶øÔÚWebÓ¦ÓóÌÐòÖÐÈ·±£Ö»ÓÐÊÚȨÓû§Äܹ»»á¼ûÊܱ£»¤µÄÄÚÈÝ¡£Í¨¹ýÉÏÊö°ì·¨£¬Äã¿ÉÒÔ×îÏȱ£»¤ÄãµÄWebÓ¦ÓóÌÐò²¢±ÜÃâδ¾ÊÚȨµÄ»á¼û¡£
´úÂëʾÀý£º
server { listen 80; server_name example.com; location / { auth_basic "Restricted Content"; auth_basic_user_file /etc/nginx/.htpasswd; try_files $uri $uri/ =404; } }
µÇ¼ºó¸´ÖÆ
Çë×¢ÖØ£¬ÉÏÊöʾÀý½ö˵Ã÷ÔõÑùÉèÖÃNginxÒÔʵÏÖ»ù±¾µÄ»á¼û¿ØÖÆ¡£ÔÚÏÖÕæÏàÐÎÖУ¬Äã¿ÉÄÜÐèҪƾ֤ÄãµÄÌض¨ÐèÇó¾ÙÐÐÉèÖõ÷½âºÍµ÷ÊÔ¡£
ÒÔÉϾÍÊÇÔõÑùʹÓÃnginxʵÏÖ»ùÓÚÓû§ÈÏÖ¤µÄ»á¼û¿ØÖƵÄÏÈÈÝ¡£Ï£ÍûÕâƪÎÄÕÂÄܹ»×ÊÖúÄãÃ÷È·ºÍÓ¦ÓÃNginxÔÚ»á¼û¿ØÖÆ·½ÃæµÄÇ¿Ê¢¹¦Ð§¡£
ÒÔÉϾÍÊÇÔõÑùʹÓÃNginxʵÏÖ»ùÓÚÓû§ÈÏÖ¤µÄ»á¼û¿ØÖƵÄÏêϸÄÚÈÝ£¬¸ü¶àÇë¹Ø×¢±¾ÍøÄÚÆäËüÏà¹ØÎÄÕ£¡