我正在尝试使用httpauth保护我的wordpress博客,RSS源除外。这在apache 2.2中对我有用,但是我无法在apache 2.4中使用它。
我的博客目录中有一个.htaccess文件,如下所示:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /blog/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /blog/index.php [L]
</IfModule>
# END WordPress
AuthUserFile .htpasswd
AuthGroupFile /dev/null
AuthName blog
AuthType Basic
SetEnvIf Request_URI ^.*/feed/$ allow_access
<RequireAny>
Require env allow_access
Require expr %{REQUEST_URI} =~ m#^.*/feed/$#
Require ip 127.0.0.1
Require valid-user
</RequireAny>
这确实要求我输入密码,但是即使在以/ feed /结尾的URI上,它仍然要求输入密码,不应该这样。
我的理解是RequireAny块中的两个第一行中的任何一行都应该满足RequireAny,因此不需要密码。
在apache 2.2中,这对我有用,
allow from env=allow_access
我做错了什么?还有其他更好的方法吗?
更新:我为mod_rewrite和mod_authz添加了额外的日志记录。这给了我以下内容:
[Sat May 10 16:31:32.590983 2014] [authz_core:debug] [pid 23422] mod_authz_core.c(802): [client 192.168.1.2:41194] AH01626: authorization result of Require env allow_access: granted
[Sat May 10 16:31:32.591570 2014] [authz_core:debug] [pid 23422] mod_authz_core.c(802): [client 192.168.1.2:41194] AH01626: authorization result of <RequireAny>: granted
[Sat May 10 16:31:32.591694 2014] [rewrite:trace3] [pid 23422] mod_rewrite.c(475): [client 192.168.1.2:41194] 192.168.1.2 - - [www.example.com/sid#7fdd2871f880][rid#7fdd28c5f250/initial] [perdir /var/www/html/www.example.com/blog/] add path info postfix: /var/www/html/www.example.com/blog/feed -> /var/www/html/www.example.com/blog/feed/
[Sat May 10 16:31:32.591731 2014] [rewrite:trace3] [pid 23422] mod_rewrite.c(475): [client 192.168.1.2:41194] 192.168.1.2 - - [www.example.com/sid#7fdd2871f880][rid#7fdd28c5f250/initial] [perdir /var/www/html/www.example.com/blog/] strip per-dir prefix: /var/www/html/www.example.com/blog/feed/ -> feed/
[Sat May 10 16:31:32.591754 2014] [rewrite:trace3] [pid 23422] mod_rewrite.c(475): [client 192.168.1.2:41194] 192.168.1.2 - - [www.example.com/sid#7fdd2871f880][rid#7fdd28c5f250/initial] [perdir /var/www/html/www.example.com/blog/] applying pattern '.' to uri 'feed/'
[Sat May 10 16:31:32.591813 2014] [rewrite:trace2] [pid 23422] mod_rewrite.c(475): [client 192.168.1.2:41194] 192.168.1.2 - - [www.example.com/sid#7fdd2871f880][rid#7fdd28c5f250/initial] [perdir /var/www/html/www.example.com/blog/] rewrite 'feed/' -> '/blog/index.php'
[Sat May 10 16:31:32.591843 2014] [rewrite:trace2] [pid 23422] mod_rewrite.c(475): [client 192.168.1.2:41194] 192.168.1.2 - - [www.example.com/sid#7fdd2871f880][rid#7fdd28c5f250/initial] [perdir /var/www/html/www.example.com/blog/] trying to replace prefix /var/www/html/www.example.com/blog/ with /blog/
[Sat May 10 16:31:32.591866 2014] [rewrite:trace1] [pid 23422] mod_rewrite.c(475): [client 192.168.1.2:41194] 192.168.1.2 - - [www.example.com/sid#7fdd2871f880][rid#7fdd28c5f250/initial] [perdir /var/www/html/www.example.com/blog/] internal redirect with /blog/index.php [INTERNAL REDIRECT]
[Sat May 10 16:31:32.592086 2014] [authz_core:debug] [pid 23422] mod_authz_core.c(802): [client 192.168.1.2:41194] AH01626: authorization result of Require env allow_access: denied
[Sat May 10 16:31:32.592122 2014] [authz_core:debug] [pid 23422] mod_authz_core.c(802): [client 192.168.1.2:41194] AH01626: authorization result of Require expr %{REQUEST_URI} =~ m#^.*/feed/$#: denied
[Sat May 10 16:31:32.592141 2014] [authz_core:debug] [pid 23422] mod_authz_core.c(802): [client 192.168.1.2:41194] AH01626: authorization result of Require ip 127.0.0.1: denied
[Sat May 10 16:31:32.592158 2014] [authz_core:debug] [pid 23422] mod_authz_core.c(802): [client 192.168.1.2:41194] AH01626: authorization result of Require valid-user : denied (no authenticated user yet)
[Sat May 10 16:31:32.592175 2014] [authz_core:debug] [pid 23422] mod_authz_core.c(802): [client 192.168.1.2:41194] AH01626: authorization result of <RequireAny>: denied (no authenticated user yet)
所以授权被检查两次;在重写之前和之后。问题是在重写之后,request_uri显然是不一样的。建议欢迎。
答案 0 :(得分:0)
使用url重写时,环境变量保存为REDIRECT_variable_name。
添加行
Require env REDIRECT_allow_access
<RequireAny>块内的解决了我的问题。