我目前拒绝访问所有的子目录和文件,除了文件/var/www/subdir/file.php
<Directory /var/www/*> Allow from None Order allow,deny </Directory> <Location /subdir/file.php> Order allow,deny allow from all </Location>
我如何用htpasswd保护这个文件? 我尝试了以下语法,但它不起作用:
<Directory /var/www/*> Allow from None Order allow,deny </Directory> <Location /subdir/file.php> Order allow,deny allow from all AuthType Basic AuthName "Restricted Access" AuthUserFile /var/www/private_html/passwords/allowed-users Require user me </Location>
编辑这里是我的整个httpd.conf文件
<Directory /var/www/public_html/*> Allow from None Order allow,deny </Directory> <Location /hello1.php> AuthType Basic AuthName "Restricted Access" AuthUserFile /var/www/private_html/passwords/allowed-users Require user me SetEnvIf Request_URI "(/hello1.php)$" allow Order allow,deny Allow from env=allow Satisfy any </Location>
<FilesMatch "^(?!protected\.html)$"> deny from all </FilesMatch> <Files "protected.html"> AuthName "Username and password required" AuthUserFile /www/sites/testcase.com/.htpasswd Require valid-user AuthType Basic </Files>
除了有问题的文件外,您将被禁止使用。 但是,当您尝试访问protected.html或任何你想要的名字,它会给你一个基本的authentication对话框。
AuthType Basic AuthName "Restricted Area" AuthUserFile /home/path/.htpasswd AuthGroupFile /dev/null Require valid-user SetEnvIf Request_URI "(path/to/file\.php)$" allow Order allow,deny Allow from env=allow Satisfy any
你可以把上面的.htaccess文件
尝试拒绝IP地址访问。 这应该satisfy any ,但不能satisfy all访问。
<Location /subdir/file.php> Order allow,deny deny from all AuthType Basic AuthName "Restricted Access" AuthUserFile /var/www/private_html/passwords/allowed-users Require valid-user </Location>
或者尝试使用满足任何要求来自不受信任的地址的密码。
<Location /subdir/file.php> Order allow,deny allow from 127.0.0.1 deny from all satisfy any AuthType Basic AuthName "Restricted Access" AuthUserFile /var/www/private_html/passwords/allowed-users Require user me </Location>
检查你的错误日志,看看是否有任何logging。 我发现了一些错误的解决办法。