nginx之用户验证配置(实操)

一、用户验证配置

 

1、修改配置文件

]# vim /usr/local/nginx/conf/nginx.conf

35     server {

36         listen       80;

37         server_name  localhost;

38         auth_basic "xxx"; #认证用户

39         auth_basic_user_file "/usr/local/nginx/pass"; #认证密码

2、创建用户

]# yum -y install httpd-tools

 

]# htpasswd  -c /usr/local/nginx/pass tom      #创建tom用户  注:第二次创建不用加-c

New password:

Re-type new password:

Adding password for user tom

 

3、重启验证

]# /usr/local/nginx/sbin/nginx -s reload

 

验证登录网页验证

http://192.168.4.50/index.html

 

二、虚拟主机

1、创建虚拟主机

 

]# vim /usr/local/nginx/conf/nginx.conf

35     server {

 36         listen       80;

 37         server_name  www.b.com;  #域名   注:支持中文 (charset utf-8;)

 

 38        # auth_basic "xxx";

 39        # auth_basic_user_file "/usr/local/nginx/pass";

 40         #charset koi8-r; 注:支持中文 (charset utf-8;)

 41

 42         #access_log  logs/host.access.log  main;

 43

 44         location / {

 45             root   www ; #路径

 46             index  index.html index.htm;

 47         }

2验证 

~]# mkdir  /usr/local/nginx/www  #创建路径

 

~]# echo  11111  > /usr/local/nginx/www/index.html  #写入内容

 

~]# /usr/local/nginx/sbin/nginx -s reload

 

~]# curl http://www.b.com

三、ssl虚拟主机

1、加密算法

l 对称加密   (AES  DES) #适用单机

l 非对称加密   (RSA  DSA) #适用网络

]# cd /usr/local/nginx/conf/

 

]# openssl genrsa > cert.key   #生成私钥

Generating RSA private key, 2048 bit long modulus

............................................................................................+++

..........+++

e is 65537 (0x10001)

 

 

]# openssl req -new -x509 -key cert.key > cert.pem   #生成证书

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [XX]:

State or Province Name (full name) []:

Locality Name (eg, city) [Default City]:

Organization Name (eg, company) [Default Company Ltd]:

Organizational Unit Name (eg, section) []:

Common Name (eg, your name or your server's hostname) []:

Email Address []:

2、配置

]# vim /usr/local/nginx/conf/nginx.conf

 97     server {

 98         listen       443 ssl; #端口

 99         server_name  www.c.com; #域名

100

101         ssl_certificate      cert.pem; #证书文件

102         ssl_certificate_key  cert.key; #私钥文件

103

104         ssl_session_cache    shared:SSL:1m;

105         ssl_session_timeout  5m; #超时时间

106

107         ssl_ciphers  HIGH:!aNULL:!MD5;

108         ssl_prefer_server_ciphers  on;

109

110         location / {

111             root   html;

112             index  index.html index.htm;

113         }

114     }

 

 

3、验证

conf]# /usr/local/nginx/sbin/nginx  -s  reload

conf]# firefox  https://www.c.com

 

四、地址重写

 

 

 

关于运维学习、分享、交流,笔者开通了微信公众号【大隆爱分享】,感兴趣的朋友可以关注下,欢迎加入,建立属于我们自己的小圈子,一起学运维知识。

有需要技术交流的小伙伴可以加我微信,期待与大家共同成长,本人微信:可在公众号获取

 

posted @ 2020-11-10 18:42  亿千万  阅读(364)  评论(0编辑  收藏  举报