Yadda ake Kare Kalmar wucewa ta adiresoshin yanar gizo a Apache Amfani da Fayil na .htaccess
Lokacin da kuke gudanar da ayyukan kan layi, galibi kuna buƙatar iyakance isa ga wannan aikin don kare shi daga duniyar waje. Akwai dalilai daban-daban na hakan - alal misali kana so ka hana masu binciken injunan bincike shiga rukunin yanar gizon ka yayin da yake kan ci gaba.
A cikin wannan koyawa, Zan nuna muku yadda ake kare kalmar sirri daban-daban kundayen adireshi na rukunin yanar gizo a sabar gidan yanar gizon Apache. Akwai hanyoyi da yawa da za ku iya cimma wannan, amma za mu sake nazarin biyu daga cikinsu waɗanda aka fi amfani da su.
Hanya ta farko tana daidaita kariyar kalmar sirri kai tsaye a cikin fayil ɗin sanyi na Apache, yayin da na biyun yana amfani da fayil .htaccess.
Abubuwan bukatu
Domin saita kariyar kalmar sirri don kundayen gidan yanar gizon ku, kuna buƙatar samun:
- Sabar yanar gizo na Apache mai aiki
- Dole ne a kunna umarnin AllowOverride AuthConfig a cikin fayil ɗin sanyi na Apache.
Saita Jagorar Kariyar Kalmar wucewa ta Apache
1. Don wannan koyawa, za mu kare babban tushen tushen gidan yanar gizon /var/www/html. Don kare wannan jagorar, buɗe saitin Apache na ku:
---------------- On RedHat/CentOS based systems ---------------- # vi /etc/httpd/conf/httpd.conf ---------------- On Debian/Ubuntu based systems ---------------- # nano /etc/apache2/sites-available/000-default.conf
2. Nemo tushen tushen littafin Apache don /var/www/html kuma ƙara abubuwa masu zuwa kamar yadda aka ba da shawara:
<Directory /var/www/html> Options Indexes Includes FollowSymLinks MultiViews AllowOverride All Order allow,deny Allow from all </Directory>
<Directory /var/www/html> Options Indexes Includes FollowSymLinks MultiViews AllowOverride All Require all granted </Directory>
3. Ajiye fayil ɗin kuma sake kunna Apache ta amfani da umarni mai zuwa:
--------------- On Systemd ------------------- # systemctl restart httpd [On RedHat based systems] # systemctl restart apache2 [On Debian based systems] --------------- On SysV init ----------------- # service httpd restart [On RedHat based systems] # service apache2 restart [On Debian based systems]
4. Yanzu za mu yi amfani da umurnin htpasswd don samar da sunan mai amfani da kalmar sirri don kundin adireshi mai kariya. Ana amfani da wannan umarnin don sarrafa fayilolin mai amfani don ingantaccen tushe.
Ma'anar jumla ta umarni ita ce:
# htpasswd -c filename username
Zaɓin -c yana ƙayyadad da fayil ɗin da zai adana kalmar sirri da aka rufaffen kuma username yana ƙayyade mai amfani don tantancewa.
5. Fayil ɗin mu na kalmar sirri yana buƙatar kasancewa daga cikin adireshin yanar gizo na Apache don samun kariya sosai. Don wannan dalili, za mu ƙirƙiri sabon kundin adireshi:
# mkdir /home/tecmint
6. Bayan haka za mu samar da sunan mai amfani da kalmar sirri da za a adana a cikin wannan directory:
# htpasswd -c /home/tecmint/webpass tecmint
Da zarar kun aiwatar da wannan umarni dole ne ku shigar da kalmar sirri don sabon mai amfani da mu \tecmint\ sau biyu:
Bayan haka za mu buƙaci tabbatar da cewa Apache ya iya karanta fayil ɗin webpass. Don wannan dalili, kuna buƙatar canza ikon mallakar wannan fayil tare da umarni mai zuwa:
---------------- On RedHat/CentOS based systems ---------------- # chown apache: /home/tecmint/webpass # chmod 640 /home/tecmint/webpass
---------------- On Debian/Ubuntu based systems ---------------- # chown www-data /home/tecmint/webpass # chmod 640 /home/tecmint/webpass
7. A wannan lokacin sabon mai amfani da kalmar wucewa sun shirya. Yanzu muna buƙatar gaya wa Apache don neman kalmar sirri yayin shiga cikin kundin adireshi da aka yi niyya. Don wannan dalili, ƙirƙiri fayil mai suna .htaccess a /var/www/html:
# vi /var/www/html/.htaccess
Ƙara lambar a ciki:
AuthType Basic AuthName "Restricted Access" AuthUserFile /home/tecmint/webpass Require user tecmint
8. Yanzu ajiye fayil ɗin kuma sanya saitin ku zuwa gwaji. Bude burauzar ku kuma shigar da adireshin IP naku ko sunan yanki a cikin mazuruftan gidan yanar gizon, misali:
http://ip-address
Ya kamata a sa ku don neman sunan mai amfani da kalmar wucewa:
Shigar da sunan mai amfani da kalmar wucewa da kuka saita don ci gaba zuwa shafinku.
Ƙarin Bayanan kula
Idan kuna amfani da haɗin gwiwar haɗin gwiwa, tabbas ba za ku sami damar yin amfani da fayil ɗin sanyi na Apache ba. Koyaya, yawancin kamfanonin baƙi sun kunna zaɓin “AllowOverride All” ta tsohuwa. Wannan yana nufin cewa za ku buƙaci kawai samar da sunan mai amfani da kalmar wucewa sannan ku zaɓi directory ɗin da kuke son karewa. Wannan yana sauƙaƙa aikinku sosai.
Kammalawa
Ina fatan kun sami wannan koyawa da amfani kuma ya taimake ku cimma burin ku. Idan kuna da tambayoyi ko sharhi, da fatan za ku yi shakka a buga su a cikin sashin da ke ƙasa.