LNMP下为Nginx目录设置访问验证的用户名密码
有时候需要象Apache那样为指定的目录添加访问验证,一般在Apache下使用htpasswd来添加,而htpasswd是包含在apache2-utils里,一般LNMP一键安装包或自己编译安装LNMP都不会安装apache2-utils。下面说一下如何为Nginx的网站目录设置访问验证:
1、创建类htpasswd文件
执行:wget -c soft.vpser.net/lnmp/ext/htpasswd.sh;
脚本内容:
#!/bin/bash
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
export PATH
echo "====================================="
echo "# A tool like htpasswd for Nginx #"
echo "#-----------------------------------#"
echo "# Author:Licess http://www.lnmp.org #"
echo "====================================="
#set UserName
username=""
read -p "Please input UserName:" username
if [ "$username" = "" ]; then
echo "Error:UserName can't be NULL!"
exit 1
fi
echo "==========================="
echo "UserName was: $username"
echo "==========================="
#set password
unpassword=""
read -p "Please input the Password:" unpassword
if [ "$unpassword" = "" ]; then
echo "Error:Password can't be NULL!"
exit 1
fi
echo "==========================="
echo "Password was: $unpassword"
echo "==========================="
password=$(perl -e 'print crypt($ARGV[0], "pwdsalt")' $unpassword)
#set htpasswd file
htfile=""
read -p "Please input Auth filename:" htfile
if [ "$htfile" = "" ]; then
echo "Error:Auth filename can't be NULL!"
exit 1
fi
echo "==========================="
echo "Auth File: /usr/local/nginx/conf/$htfile"
echo "==========================="
get_char()
{
SAVEDSTTY=`stty -g`
stty -echo
stty cbreak
dd if=/dev/tty bs=1 count=1 2> /dev/null
stty -raw
stty echo
stty $SAVEDSTTY
}
echo ""
echo "Press any key to Creat...or Press Ctrl+c to cancel"
char=`get_char`
if [ ! -f /usr/local/nginx/conf/$htfile.conf ]; then
echo "Create Auth file......"
cat >/usr/local/nginx/conf/$htfile.conf<<eof
$username:$password
eof
echo "Create Auth file successful,auth file path:/usr/local/nginx/conf/$htfile.conf."
else
echo "File already exists,please run this script again."
exit 1
fi
执行脚本:bash htpasswd.sh
按提示输入用户名、密码、及认证文件名。脚本会自动生成认证文件。记录下脚本返回的文件路径。如:/usr/local/nginx/conf/htpasswd.conf.
2、为Nginx添加auth认证配置
下面是以某域名下面的目录为例,在域名的server段里加上如下代码:
location /
{
auth_basic "Restricted";
auth_basic_user_file /usr/local/nginx/conf/htpasswd; #这里写前面脚本返回的文件路径;
}
Restricted为提示信息,可以修改成自己想让他提示的信息;auth_basic_user_file 后面需要填htpasswd.sh脚本返回的人家文件的路径。
注意,加上认证之后该目录下的PHP将不会被解析,会出现下载提示,如果想可以解析PHP可以将上面的配置改为:
server {
listen 8018;
server_name db.chinagba.com;
root /data/wwwroot/dbadmin;
index index.php;
location ~ .*\.php?$
{
include fcgi.conf;
fastcgi_pass spawn;
fastcgi_index index.php;
}
location / {
auth_basic "Restricted";
auth_basic_user_file /usr/local/nginx/conf/htpasswd; #这里写前面脚本返回的文件路径;
}
}
按上面的提示修改好配置后,重启nginx,
[root@YOUWO-APP-199 conf]# /usr/local/nginx/sbin/nginx -t
the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@YOUWO-APP-199 conf]# /usr/local/nginx/sbin/nginx -s reload
访问http://121.9.243.199:8018/ 就会提示输入用户名和密码。
本教程适合LNMP一键安装包或自己安装的LNMP,只不过目录和配置文件可能位置不一样。
