我有一个lighttpd服务器,我想从中提供一些文件。 不幸的是,服务器目前设置为需要密码authentication,我希望这些文件公开。
我怎样才能让一个特定的子目录中的文件不需要密码?
作为一个进一步的复杂性,configuration文件中的大部分东西都是由其他pipe理员设置的,所以我试图非常小心地打破任何现有的安全设置。
# config stuff that I am hesitant to change ssl.engine = "enable" ssl.pemfile = "/etc/lighttpd/ssl/foo.pem" ssl.ca-file = "/etc/pki/tls/certs/foo.cert" auth.backend = "htdigest" auth.backend.htdigest.userfile = "/etc/lighttpd/.passwd" auth.debug = 2 $HTTP["url"] !~ "^(/portal/.*|/js/.*|/css/.*|/icons/.*|/favicon\.ico)" { auth.require = ( "/" =>( "method" => "digest", "realm" => "Authorized users only", "require" => "valid-user" ) ) } $HTTP["url"] =~ "^/portal" { auth.require = ( "/portal" => ( "method" => "digest", "realm" => "portal users", "require" => "valid-user" ) ) url.redirect = ( "" => "/portal/") } $HTTP["remoteip"] !~ "1.2.3.4|5.6.7.8" { url.access-deny = ( "" ) } # new directory that I want to make public $HTTP["url"] =~ "^/public($|/)" { dir-listing.activate = "enable" } 我尝试添加/public/*到第一个$HTTP["url"] !~块的正则expression式,但是没有奏效。 我也尝试禁用与/public($|/)匹配的块内的ssl.engine ,但是这也不起作用。
这个设置对我来说很有用,正如评论中所说的那样:
server.modules += ( "mod_auth" ) auth.backend = "htdigest" auth.backend.htdigest.userfile = "/etc/lighttpd/passwd" $HTTP["url"] !~ "^(/portal/.*|/js/.*|/css/.*|/icons/.*|/favicon\.ico|/public/.*)" { auth.require = ( "/" =>( "method" => "digest", "realm" => "Authorized users only", "require" => "valid-user" ) ) }