ʹÓÃhtpasswdÔÚLinuxÉÏʵÏÖ°²È«µÄHTTP»ù±¾ÈÏÖ¤
ÔÚ¹¹½¨ºÍ¹ÜÀíWeb·þÎñÆ÷ʱ£¬°²È«ÐÔÊÇÒ»¸öÖÁ¹ØÖØÒªµÄ¿¼Á¿ÒòËØ
HTTP»ù±¾ÈÏÖ¤×÷ΪһÖÖ¼òµ¥¶øÓÐЧµÄÓû§ÈÏÖ¤»úÖÆ£¬¹ã·ºÓ¦ÓÃÓÚÐèÒªÏÞÖÆ·ÃÎÊȨÏÞµÄWeb×ÊÔ´ÉÏ
ÔÚLinux»·¾³ÏÂ����£¬`htpasswd`¹¤¾ßÊÇÅäÖÃÕâÖÖÈÏÖ¤·½Ê½µÄµÃÁ¦ÖúÊÖ
±¾ÎĽ«Ïêϸ½éÉÜÈçºÎʹÓÃ`htpasswd`ÔÚLinuxϵͳÉÏÉèÖú͹ÜÀíHTTP»ù±¾ÈÏÖ¤����£¬ÒÔÈ·±£ÄúµÄWeb×ÊÔ´°²È«ÎÞÓÝ
Ò»�����¡¢Ê²Ã´ÊÇ`htpasswd`�����£¿
`htpasswd`ÊÇÒ»¸öÃüÁîÐй¤¾ß����£¬ÓÃÓÚ´´½¨ºÍ¸üд洢Óû§ÃûºÍÃÜÂëµÄÎļþ�£¬ÕâЩÎļþËæºó±»Apache HTTP·þÎñÆ÷»òÆäËû¼æÈݵÄWeb·þÎñÆ÷ÓÃÀ´ÊµÏÖHTTP»ù±¾ÈÏÖ¤
»ù±¾ÈÏ֤ͨ¹ýÌáʾÓû§ÊäÈëÓû§ÃûºÍÃÜÂëÀ´ÑéÖ¤Éí·Ý£¬ËäÈ»²»ÈçOAuth»òOpenID ConnectµÈÏÖ´úÈÏÖ¤»úÖÆ°²È«£¬µ«¶ÔÓÚ¼òµ¥µÄ·ÃÎÊ¿ØÖÆÐèÇó¶øÑÔ���£¬ËüÈÔÈ»ÊÇÒ»¸öÓÐЧÇÒÒ×ÓÚʵÏֵĽâ¾ö·½°¸
¶þ�����¡¢°²×°`htpasswd`
ÔÚ´ó¶àÊýLinux·¢ÐаæÖÐ����£¬`htpasswd`ÊÇApache HTTP·þÎñÆ÷Èí¼þ°üµÄÒ»²¿·Ö£¬Òò´Ë°²×°Apache·þÎñÆ÷ͨ³£»áͬʱ°²×°`htpasswd`
ÒÔÏÂÊÇÔÚ¼¸ÖÖ³£¼ûLinux·¢ÐаæÉÏ°²×°Apache·þÎñÆ÷µÄ·½·¨£º
Debian/Ubuntu£º
bash
sudo apt update
sudo apt install apache2 apache2-utils
CentOS/RHEL£º
bash
sudo yum install httpd httpd-tools
Fedora£º
bash
sudo dnf install httpd httpd-tools
°²×°Íê³Éºó����£¬Äú¿ÉÒÔͨ¹ýÔËÐÐ`htpasswd --version`À´ÑéÖ¤`htpasswd`ÊÇ·ñ³É¹¦°²×°
Èý�����¡¢´´½¨ÃÜÂëÎļþ
ʹÓÃ`htpasswd`´´½¨»ò¸üÐÂÃÜÂëÎļþµÄ»ù±¾Óï·¨ÈçÏ£º
htpasswd¡¾options¡¿ passwordfile username
ÆäÖÐ�£¬`passwordfile`ÊÇÄúÏ£Íû´æ´¢Óû§ÃûºÍÃÜÂëµÄÎļþÃû£¬`username`ÊÇÄúÏëÒªÌí¼Ó»ò¸üÐÂÃÜÂëµÄÓû§Ãû
´´½¨ÐÂÃÜÂëÎļþ£º
Èç¹ûÄúÊǵÚÒ»´ÎÉèÖã¬ÐèÒª´´½¨Ò»¸öеÄÃÜÂëÎļþ
ÀýÈ磬´´½¨Ò»¸öÃûΪ`.htpasswd`µÄÎļþ£º
bash
sudo htpasswd -c /path/to/.htpasswd username
`-c`Ñ¡Ïî±íʾ´´½¨ÐÂÎļþ�£¬Èç¹ûÎļþÒÑ´æÔÚ�£¬Ôò»á±»¸²¸Ç
Ìí¼ÓÐÂÓû§£º
Èç¹ûÃÜÂëÎļþÒѾ´æÔÚ����£¬Äú¿ÉÒÔʹÓÃÏàͬµÄÃüÁ²»´ø`-c`Ñ¡ÏÀ´Ìí¼ÓÐÂÓû§£º
bash
sudo htpasswd /path/to/.htpasswd newuser
¸üÐÂÓû§ÃÜÂ룺
Èç¹ûÐèÒª¸üÐÂÏÖÓÐÓû§µÄÃÜÂ룬ֻÐèÔÙ´ÎÔËÐÐÏàͬµÄÃüÁ²»´ø`-c`Ñ¡Ï£º
bash
sudo htpasswd /path/to/.htpasswd existinguser
ËÄ�¡¢ÅäÖÃApacheʹÓÃÃÜÂëÎļþ
ҪʹApache·þÎñÆ÷ʹÓÃ`htpasswd`Éú³ÉµÄÃÜÂëÎļþ½øÐÐHTTP»ù±¾ÈÏÖ¤�����£¬ÄúÐèÒªÔÚApacheÅäÖÃÎļþÖÐ×öÏàÓ¦µÄÉèÖÃ
Õâͨ³£Éæ¼°Á½¸ö²½Ö裺ÆôÓÃÈÏÖ¤Ä�����£¿éºÍÅäÖÃĿ¼»òÎļþµÄ·ÃÎÊ¿ØÖÆ
1.ÆôÓÃÈÏ֤ģ¿é£º
ÔÚApacheµÄÅäÖÃÎļþ£¨Í¨³£ÊÇ`/etc/httpd/conf/httpd.conf`»ò`/etc/apache2/apache2.conf`£©ÖÐ����£¬È·±£ÒÔÏÂÄ£¿é±»ÆôÓã¨È¡Ïû×¢ÊÍ£©£º
apache
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authz_user_module modules/mod_authz_user.so
2.ÅäÖ÷ÃÎÊ¿ØÖÆ£º
½ÓÏÂÀ´���£¬ÔÚApacheµÄÅäÖÃÎļþ»òÐéÄâÖ÷»úÅäÖÃÖÐ��£¬ÎªÐèÒª±£»¤µÄĿ¼»òÎļþÉèÖÃÈÏÖ¤
ÀýÈç�����£¬±���£»¤`/var/www/html/secret`Ŀ¼£º
apache
AuthType Basic
AuthName Restricted Area
AuthUserFile /path/to/.htpasswd
Require valid-user
ÕâÀ`AuthTypeBasic`Ö¸¶¨Ê¹Óûù±¾ÈÏÖ¤�����£¬`AuthName`ÊÇÈÏÖ¤¶Ô»°¿òÖÐÏÔʾµÄ±êÌ⣬`AuthUserFile`Ö¸Ïò֮ǰ´´½¨µÄÃÜÂëÎļþ���£¬`Require valid-user`±íʾֻÓÐÃÜÂëÎļþÖÐÁгöµÄÓû§²ÅÄÜ·ÃÎÊ
3.ÖØÆôApache·þÎñ£º
ÐÞ¸ÄÅäÖúó£¬ÐèÒªÖØÆôApache·þÎñÒÔʹ¸ü¸ÄÉúЧ£º
-Debian/Ubuntu£º
```bash
sudo systemctl restart apache2
```
-CentOS/RHEL/Fedora£º
```bash
sudo systemctl restart httpd
```
Îå��¡¢ÔöÇ¿°²È«ÐÔ
ËäÈ»HTTP»ù±¾ÈÏÖ¤ÌṩÁË»ù±¾µÄ·ÃÎÊ¿ØÖÆ��£¬µ«Ëü²¢·ÇÎÞи¿É»÷
ÒÔÏÂÊÇһЩÔöÇ¿°²È«ÐԵĽ¨Ò飺
- ʹÓÃHTTPS£º»ù±¾ÈÏ֤ͨ¹ýÃ÷ÎÄ´«ÊäÓû§ÃûºÍÃÜÂë�����£¬Òò´ËӦʼÖÕͨ¹ýHTTPSÀ´¼ÓÃÜͨÐÅ�����£¬·ÀÖ¹Ãô¸ÐÐÅϢй¶
- ÏÞÖÆ·ÃÎʳ¢ÊÔ´ÎÊý£ºÅäÖÃApacheʹÓÃFail2banµÈ¹¤¾ß���£¬¶Ô¶à´Îʧ°ÜµÄÈÏÖ¤³¢ÊÔ½øÐзâËø
- Ç¿ÃÜÂë²ßÂÔ£ºÈ·±£Óû§×ñÑÇ¿ÃÜÂë²ßÂÔ�����£¬¶¨ÆÚ¸üÐÂÃÜÂë
- ½áºÏÆäËûÈÏÖ¤»úÖÆ£º¶ÔÓÚ¸ü¸ß°²È«ÐèÇ󣬿¼ÂǽáºÏOAuth�����¡¢LDAP»òKerberosµÈ¸ü¸ß¼¶µÄÈÏÖ¤»úÖÆ
Áù����¡¢×ܽá
`htpasswd`ÊÇÒ»¸öÇ¿´óÇÒÒ×ÓÚʹÓõŤ¾ß���£¬Äܹ»°ïÖúÄúÔÚLinux»·¾³ÏÂÇáËÉʵÏÖHTTP»ù±¾ÈÏÖ¤
ͨ¹ýºÏÀíÅäÖÃApache·þÎñÆ÷��£¬Äú¿ÉÒÔÓÐЧµØ¿ØÖƶÔWeb×ÊÔ´µÄ·ÃÎÊ£¬±£»¤Ãô¸ÐÊý¾Ý²»±»Î´ÊÚȨ·ÃÎÊ
¼Çס��£¬°²È«ÐÔÊÇÒ»¸ö¶à²ã´ÎµÄÎÊÌâ����£¬³ýÁË»ù±¾ÈÏÖ¤Í⣬»¹Ó¦½áºÏÆäËû°²È«´ëÊ©�����£¬ÈçSSL/TLS¼ÓÃÜ����¡¢·À»ðǽ¹æÔò��¡¢¶¨ÆÚÉó¼ÆµÈ£¬¹²Í¬¹¹½¨Ò»¸ö°²È«µÄWeb»·¾³
ͨ¹ý±¾ÎĵÄÖ¸µ¼£¬ÄúÏÖÔÚÓ¦¸ÃÄܹ»ÊìÁ·µØʹÓÃ`htpasswd`ÔÚLinuxϵͳÉÏÉèÖÃHTTP»ù±¾ÈÏÖ¤£¬ÎªÄúµÄWeb×ÊÔ´Ìṩһ²ã»ù±¾µ«ÓÐЧµÄ±��£»¤
Ëæ׿¼ÊõµÄ²»¶Ï½ø²½£¬³ÖÐø¹Ø×¢²¢Ó¦ÓÃ×îÐµİ²È«Êµ¼ù£¬½«ÊÇά»¤Web·þÎñÆ÷°²È«µÄ¹Ø¼ü
