當前位置：首頁 > 编程语言 > php >内容正文

php

authinfo.php,【nginxphp】后台权限认证方式

發布時間：2025/3/8 php 16 豆豆

生活随笔收集整理的這篇文章主要介紹了 authinfo.php,【nginxphp】后台权限认证方式小編覺得挺不錯的,現在分享給大家,幫大家做個參考.

一、最常用的方法(代碼中限制)

1、如何限制IP

function get_new_ip(){

if(getenv('HTTP_CLIENT_IP')) {

$onlineip = getenv('HTTP_CLIENT_IP');

} elseif(getenv('HTTP_X_FORWARDED_FOR')) {

$onlineip = getenv('HTTP_X_FORWARDED_FOR');

} elseif(getenv('REMOTE_ADDR')) {

$onlineip = getenv('REMOTE_ADDR');

} else {

$onlineip = $HTTP_SERVER_VARS['REMOTE_ADDR'];

}

return $onlineip;

}

$onlineip = get_new_ip();

$wip = ['127.0.0.1'];

if(!in_array($onlineip, $wip)){

header("HTTP/1.1 404 Not Found");

header("Status: 404 Not Found");

exit;

}

2、進行密碼驗證

/ Password protect

define('ADMIN_USERNAME','test'); // Admin Username

define('ADMIN_PASSWORD','test'); // Admin Password

if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']) ||

$_SERVER['PHP_AUTH_USER'] != ADMIN_USERNAME || $_SERVER['PHP_AUTH_PW'] != ADMIN_PASSWORD) {

Header("WWW-Authenticate: Basic realm=\"discuz Login\"");

Header("HTTP/1.0 401 Unauthorized");

echo <<

Rejected!

Wrong Username or Password!

EOB;

exit;

}

// END OF DEFAULT CONFIG AREA /

二、NGINX中限制

1、IP限制

location / {

deny 192.168.1.1;

allow 192.168.1.0/24;

allow 10.1.1.0/16;

allow 2001:0db8::/32;

deny all;

}

2、auth_basic 本機認證(nginx默認支持)

安裝密碼工具

yum -y install httpd-tools

生成密碼

htpasswd -c pass.db

nginx中配置(需要維護 pass.db 文件)

auth_basic "User Authentication";

auth_basic_user_file conf/pass.db;

3、ngx_http_auth_request_module 第三方認證

需要安裝：--with-http_auth_request_module 模塊

#auth_basic "User Authentication";

#auth_basic_user_file conf/pass.db;

auth_request /auth;

location = /auth {

proxy_pass ...

proxy_pass_request_body off;

proxy_set_header Content-Length "";

proxy_set_header X-Original-URI $request_uri;

}

/ Password protect

define('ADMIN_USERNAME','test'); // Admin Username

define('ADMIN_PASSWORD','test'); // Admin Password

if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']) ||

$_SERVER['PHP_AUTH_USER'] != ADMIN_USERNAME || $_SERVER['PHP_AUTH_PW'] != ADMIN_PASSWORD) {

Header("WWW-Authenticate: Basic realm=\"discuz Login\"");

Header("HTTP/1.0 401 Unauthorized");

echo <<

Rejected!

Wrong Username or Password!

EOB;

exit;

}

// END OF DEFAULT CONFIG AREA /

4、 ngx_http_auth_jwt_module 第三方認證

location / {

auth_jwt "closed site";

auth_jwt_key_file conf/keys.json;

auth_jwt_claim_set $email info e-mail;

auth_jwt_claim_set $job info "job title";

}

加密算法原理同上

配置代碼：

location ~ /admin/.*php$ {

location = /admin.php {

allow 127.0.0.1;

deny all;

auth_basic "Authorized users only";

auth_basic_user_file authkey/auth.com.db;

fastcgi_pass common;

fastcgi_index index.php;

include fastcgi_params;

fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

}

總結

以上是生活随笔為你收集整理的authinfo.php,【nginxphp】后台权限认证方式的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。