不使用数据库的访问控制
我安装了一个应用程序,例如 http://gwmubiru.com/login.php。
我想将其作为演示发送给不同的潜在客户。我希望能够授予和/或拒绝客户访问权限。我不想将每个客户设置为数据库中的用户,因为我的演示有多个我想要演示的用户类型。
有没有一种方法可以使用 Apache、htaccess 甚至 Linux 来控制访问?
I have an application installed say at http://gwmubiru.com/login.php.
I want to send this as demo to different potential customers. I want to be able to grant and /or deny access to customers. I don't want to setup each customer as a user in the database since my demos have more than one user type I want to demo.
Is there a way to control access may be using Apache, htaccess or even linux?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
您可以使用 http 身份验证。
http://httpd.apache.org/docs/2.0/howto/auth.html
您创建多个用户/密码,并为每个客户提供一个。之后您删除他们的访问权限。
You can use http Authentication.
http://httpd.apache.org/docs/2.0/howto/auth.html
You create several users/passwords and give one to each of your clients. After that you remove their access.
你是对的,你有选择:
从 Apache,最简单的机制可能是 mod_authz_host:
它适用于
htaccess文件,因此它可能是最简单的。如果您想限制对整个网络服务器的访问,您当然可以添加防火墙规则,只允许您的客户端访问它。这可能有点反社会,但如果您真的希望只有您的客户和潜在客户看到演示系统,防火墙就可以做到这一点。
ufw工具可以使添加防火墙规则变得非常容易;如果您对防火墙非常陌生,您可能希望尝试一下。如果您想了解有关 IPTables 的更多信息,那么您最好跳过
ufw。我配置 IPTables 已经有一段时间了(恐怕我永远不会像 OpenBSD 的pf防火墙)。不要忘记给自己留一个返回服务器的ssh路径,并考虑使用iptables-apply脚本来测试远程系统上的更改。 (我们都曾在某个时候将自己锁在服务器之外,只是不要养成这种习惯。)You're right, you've got options:
From Apache, probably the easiest mechanism is mod_authz_host:
It works in both
<directory>andhtaccessfiles, so it might be easiest.If you want to limit access to your entire webserver, you can certainly add firewall rules that will allow only your clients to access it. This might be a little anti-social, but if you'd really like only your clients and potential clients to ever see the demo system, firewalling can do that.
The
ufwtool can make adding firewall rules pretty easy; you might wish to try it if you're very new to firewalling.If you want to learn more about IPTables, then you might do better just skipping past
ufw. It's been a while since I've configured IPTables (and I'm afraid I'll never know it as well as OpenBSD'spffirewall). Don't forget to leave yourself ansshpath back to your server, and consider using theiptables-applyscript to test changes on remote systems. (We've all locked ourselves out of our servers at some point, just don't make a habit of it.)