在验证环境中只设置基本身份验证

2 年 ago

清, 宇

1 minute

简要介绍

留下了一份研究在正式环境中不进行身份验证，仅对验证环境施加基本身份验证访问限制的备忘录。

設定文件的描述。

这也可以通过.htaccess进行设置。

<IfDefine test>
  AuthUserFile /var/www/.htpasswd
  AuthGroupFile /dev/null
  AuthName 'Please Enter Your Password'
  AuthType Basic
  require valid-user

  Satisfy any

  Order deny,allow
  Deny from all
  Allow from 127.0.0.1
  Allow from 153.1.1.1
  Allow from 153.1.1.2
</IfDefine>

如果可以的话，我认为最好在conf文件中进行设置。

<VirtualHost *:80>
    SetEnv APP_ENV "local"
    DocumentRoot   /var/www/www.qa-example.com/httpd/
    ServerName     www.qa-example.com
    CustomLog      "logs/www.qa-example.com-access.log" combined
    ErrorLog       "logs/www.qa-example.com-error.log"

    <Directory "/var/www/www.qa-example.com/httpd/">
        DirectoryIndex index.html
        AllowOverride All

        AuthUserFile /var/www/.htpasswd
        AuthGroupFile /dev/null
        AuthName 'Please Enter Your Password'
        AuthType Basic
        require valid-user

        Satisfy any

        Order deny,allow
        Deny from all

        # allow ip address
        Allow from 127.0.0.1
        Allow from 150.1.1.1
        Allow from 153.1.1.2
    </Directory>
</VirtualHost>