httpd-2.4跟httpd-2.2不同在于任意目录下的页面只有显式授权才能被访问,因此,在配置虚拟主机访问控制时,如下所示。
[root@test1 ~]# cat /etc/httpd/conf.d/vhosts.conf
<VirtualHost 192.168.10.140:80>
ServerName www1.itab.com
DocumentRoot "/web/vhosts/www1"
ErrorLog logs/www1.err
CustomLog logs/www1.access combined
<Location /server-status>
SetHandler server-status
AuthType Basic
AuthName "Enter your username and password"
AuthUserFile "/etc/httpd/.htpasswd"
Require user status
</Location>
<Directory "/web/vhosts/www1">
<RequireAll> # 显示授权
Require all granted
Require not ip 192.168.10.128
</RequireAll>
</Directory>
</VirtualHost>
<VirtualHost 192.168.10.140:80>
ServerName www2.itab.com
DocumentRoot "/web/vhosts/www2"
ErrorLog logs/www2.err
CustomLog logs/www2.access combined
<Directory "/web/vhosts/www2">
<RequireAll> # 显示授权
Require all granted
Require not ip 192.168.10.128
</RequireAll>
</Directory>
</VirtualHost>
还有在配置HTTPS时,也是需要显式授权才能被访问到,如下。
[root@test1 ~]# vim /etc/httpd/conf.d/ssl.conf
<VirtualHost 192.168.10.140:443>
DocumentRoot "/web/vhosts/www2"
ServerName www2.itab.com
<Directory "/web/vhosts/www2"> # 显式授权
Require all granted
</Directory>
SSLCertificateFile /etc/httpd/ssl/httpd2.crt
SSLCertificateKeyFile /etc/httpd/ssl/httpd.key
</VirtualHost>