沙盒:修订间差异

来自Ubuntu中文
跳到导航跳到搜索
Jinzd留言 | 贡献
无编辑摘要
Jinzd留言 | 贡献
无编辑摘要
第1行: 第1行:
''mod_ssl''模块为Apache2服务器添加了一个重要的功能 - 加密通信的能力。由此,当你的浏览器通信使用SSL时,https:// 前缀被使用于统一资源定位符(URL)前。
For more than one user to be able to write to the same directory it will be necessary to grant write permission to a group they share in common. The following example grants shared write permission to /var/www/html to the group "webmasters".


''mod_ssl''模块存放于''apache2-common''包中。在终端提示符下执行以下命令以允许''mod_ssl''模块:<br/><code style="background-color:lightgray">sudo a2enmod ssl</code>
<pre>
sudo chgrp -R webmasters /var/www/html
sudo find /var/www/html -type d -exec chmod g=rwxs "{}" \;
sudo find /var/www/html -type f -exec chmod g=rw  "{}" \;
</pre>


/etc/apache2/sites-available/default-ssl.conf中有一个缺省的SSL配置。为了让Apache2提供HTTPS,你还需要一个certificate(证书)和一个key文件。缺省的HTTPS配置使用的证书和key是有ssl-cert包生成的。他们用于测试非常好,但是对于特定的服务器或网站,它们需要被取代。如何生成key并获得证书请参看[https://help.ubuntu.com/12.04/serverguide/certificates-and-security.html Certificates]
These commands recursively set the group permission on all files and directories in /var/www/html to read write and set user id. This has the effect of having the files and directories inherit their group and permission from their parrent. Many admins find this useful for allowing multiple users to edit files in a directory tree.  


配置Apache2 HTTPS请输入下面指令:<br/><code style="background-color:lightgray">sudo a2ensite default-ssl</code>
: <span style="background-color: lightgray">If access must be granted to more than one group per directory, enable Access Control Lists (ACLs). </span>
 
: <span style="background-color:lightgray">指令的缺省位置在/etc/ssl/certs 及 /etc/ssl/private。如果你安装了证书和key到其他目录,请确保正确更改SSLCertificateFile 及 SSLCertificateKeyFile。</span>
 
完成Apache2的HTTPS配置后,重启服务以使新配置生效:<br/><code style="background-color:lightgray">sudo service apache2 restart</code>
 
: <span style="background-color:lightgray">依赖你证书获得的方式,当重新启动Apache2时或许你会被要求一个密码。</span>
 
通过键入https: //your_hostname/url/ 你可访问你的安全站点。

2016年6月8日 (三) 14:27的版本

For more than one user to be able to write to the same directory it will be necessary to grant write permission to a group they share in common. The following example grants shared write permission to /var/www/html to the group "webmasters".

sudo chgrp -R webmasters /var/www/html
sudo find /var/www/html -type d -exec chmod g=rwxs "{}" \;
sudo find /var/www/html -type f -exec chmod g=rw  "{}" \;

These commands recursively set the group permission on all files and directories in /var/www/html to read write and set user id. This has the effect of having the files and directories inherit their group and permission from their parrent. Many admins find this useful for allowing multiple users to edit files in a directory tree.

If access must be granted to more than one group per directory, enable Access Control Lists (ACLs).