apache限制访问

Posted 2020-07-12

1、拷贝apache主配置文件里面的一个模块

vim /usr/local/apache2/conf/httpd.conf

2、复制此模块到虚拟主机配置文件中

<Directory "/usr/local/apache2/cgi-bin">

    AllowOverride None

    Options None

    Order allow,deny

    Allow from all

</Directory>

修改为

<Directory "/data/www">

    AllowOverride None

    Options None

    Order allow,deny

    Allow from all

    Deny from 127.0.0.1

   </Directory>

3、使用curl -x127.0.0.1:80 www.test.com -I测试看是否为禁止，返回结果为forbidden说明成功

[[email protected] logs]# curl -x127.0.0.1:80 www.test.com

<!DOCTYPE html PUBLIC "-//IETF//DTD HTML 2.0//EN">

<html><head>

<title>403 Forbidden</title>

</head><body>

<h1>Forbidden</h1>

<p>You don‘t have permission to access /

on this server.</p>

</body></html>

4、使用没有限制的地址访问正常访问

 curl -x10.10.13.247:80 -I  www.test.com/forum.php 

HTTP/1.1 200 OK

Date: Wed, 25 May 2016 03:06:35 GMT

Server: Apache/2.2.31 (Unix) PHP/5.4.36

X-Powered-By: PHP/5.4.36

Set-Cookie: H7RV_2132_saltkey=OM6M0yWb; expires=Fri, 24-Jun-2016 03:06:35 GMT; path=/; httponly

Set-Cookie: H7RV_2132_lastvisit=1464141995; expires=Fri, 24-Jun-2016 03:06:35 GMT; path=/

Set-Cookie: H7RV_2132_sid=tVNtV2; expires=Thu, 26-May-2016 03:06:35 GMT; path=/

Set-Cookie: H7RV_2132_lastact=1464145595%09forum.php%09; expires=Thu, 26-May-2016 03:06:35 GMT; path=/

Set-Cookie: H7RV_2132_onlineusernum=1; expires=Wed, 25-May-2016 03:11:35 GMT; path=/

Set-Cookie: H7RV_2132_sid=tVNtV2; expires=Thu, 26-May-2016 03:06:35 GMT; path=/

Cache-Control: max-age=0

Expires: Wed, 25 May 2016 03:06:35 GMT

Content-Type: text/html; charset=gbk

5、也可以单独对某个页面设置白名单，比如设置只允许127.0.0.1允许访问admin.php页面

<filesmatch "(.*)admin(.*)">

    Order deny,allow

    Deny from all

    Allow from 127.0.0.1

   </filesmatch>

返回值200表示可以访问

[[email protected] logs]# curl -x127.0.0.1:80 -I www.test.com/admin.php 

HTTP/1.1 200 OK

Date: Wed, 25 May 2016 03:15:47 GMT

Server: Apache/2.2.31 (Unix) PHP/5.4.36

X-Powered-By: PHP/5.4.36

Set-Cookie: H7RV_2132_saltkey=RjU59zHm; expires=Fri, 24-Jun-2016 03:15:47 GMT; path=/; httponly

Set-Cookie: H7RV_2132_lastvisit=1464142547; expires=Fri, 24-Jun-2016 03:15:47 GMT; path=/

Set-Cookie: H7RV_2132_sid=r5nZfk; expires=Thu, 26-May-2016 03:15:47 GMT; path=/

Set-Cookie: H7RV_2132_lastact=1464146147%09admin.php%09; expires=Thu, 26-May-2016 03:15:47 GMT; path=/

Cache-Control: max-age=0

Expires: Wed, 25 May 2016 03:15:47 GMT

Content-Type: text/html; charset=gbk

本文出自 “愺艮搥豩” 博客，请务必保留此出处http://riverxyz.blog.51cto.com/533303/1782901