Apache的配置
1、默认虚拟主机
[root@localhost ~]# cd /usr/local/apache2.4/conf/extra
[root@localhost extra]# vim httpd-vhosts.conf
<VirtualHost *:80>
ServerAdmin admin@wang.com
DocumentRoot "/data/wwwroot/test0920.com"
ServerName test0920.com
ServerAlias www.testdomain.com
ErrorLog "logs/aming.com-error_log"
CustomLog "logs/aming.com-access_log" common
</VirtualHost>
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/testdomain.com"
ServerName www.testdomain.com
</VirtualHost>
[root@localhost extra]# mkdir -p /data/wwwroot/test0920.com /data/wwwroot/testdomain.com
[root@localhost extra]# echo “www.test0920.com” > /data/wwwroot/test0920.com/index.html
[root@localhost extra]# echo “www.testdomain.com” > /data/wwwroot/testdomain.com/index.html
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost extra]# curl -x127.0.0.1:80 www.test0920.com
“www.test0920.com”
[root@localhost extra]# curl -x127.0.0.1:80 www.testdomain.com
“www.test0920.com”
[root@localhost extra]# curl -x127.0.0.1:80 www.abc.com
“www.test0920.com”
2、用户认证
[root@localhost ~]# cd /usr/local/apache2.4/conf/extra
[root@localhost extra]# vim httpd-vhosts.conf
在ServerAlias www.testdomain.com下面添加一下代码
<Directory /data/wwwroot/testdomain.com>
AllowOverride AuthConfig
AuthName "testdomain.com user auth"
AuthType Basic
AuthUserFile /data/.htpasswd
require valid-user
</Directory>
此行代码的末尾“jwt”是用户名可随意更改,在写入密码时必须回车2次
[root@localhost extra]# /usr/local/apache2.4/bin/htpasswd -cm /data/.htpasswd jwt
New password:
Re-type new password:
Adding password for user jwt
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful
在自己的主机上搜索C:\Windows\System32\drivers\etc\hosts
找到后右键单机hosts,属性-安全-单机组或用户名中的Users-单击编辑-单机组或用户名中的Users-把修改和写入勾上-应用
然后在hosts上添加你的IP www.testdomain.com
列:192.168.100.10 www.testdomain.com
然后在浏览器中会有弹窗,输入你的用户名和密码即可
3、域名跳转
[root@localhost extra]# vim httpd-vhosts.conf
把<Directory>整段代码注释,在下面添加如下代码
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www.testdomain.com$
RewriteRule ^/(.*)$ http://www.testdomain.com/$1 [R=301,L]
</IfModule>
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -M |grep -i rewrite
rewrite_module (shared)
[root@localhost extra]# vim /usr/local/apache2.4/conf/httpd.conf
/搜索rewrite,把前面#去掉
LoadModule rewrite_module modules/mod_rewrite.so
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -M |grep -i rewrite
rewrite_module (shared)
rewrite_module (shared)
[root@localhost extra]# curl -x127.0.0.1:80 -I testdomain.com
HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Jul 2021 02:34:42 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.39
Location: http://www.testdomain.com/
Content-Type: text/html; charset=iso-8859-1
4、访问日志
[root@localhost extra]# vim httpd-vhosts.conf
<VirtualHost *:80>
ServerAdmin admin@jaing.com
DocumentRoot "/data/wwwroot/test0920.com"
ServerName www.testdomain.com
ServerAlias www.testdomain.com
<IfModule mod_rewrite.c>
RewriteEngine on RewriteCond %{HTTP_HOST} !^www.testdomain.com$
RewriteRule ^/(.*)$ http://www.testdomain.com/$1 [R=301,L]
</IfModule>
ErrorLog "logs/aming.com-error_:log"
CustomLog "logs/aming.com-access_log" common
CustomLog "logs/123.com-access_log" combined
CustomLog "logs/123.com-access_log" combined
</VirtualHost>
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost extra]# curl -x127.0.0.1:80 -I testdomain.com
HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Jul 2021 02:44:01 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.39
Location: http://www.testdomain.com/
Content-Type: text/html; charset=iso-8859-1
[root@localhost extra]# tail /usr/local/apache2.4/logs/123.com-access_log
127.0.0.1 - - [16/Jul/2021:16:01:07 +0600] "HEAD HTTP://testdomain.com/ HTTP/1.1" 301 - "-" "curl/7.29.0"
127.0.0.1 - - [16/Jul/2021:16:01:07 +0600] "HEAD HTTP://testdomain.com/ HTTP/1.1" 301 - "-" "curl/7.29.0"
127.0.0.1 - - [19/Jul/2021:08:44:01 +0600] "HEAD HTTP://testdomain.com/ HTTP/1.1" 301 - "-" "curl/7.29.0"
127.0.0.1 - - [19/Jul/2021:08:44:01 +0600] "HEAD HTTP://testdomain.com/ HTTP/1.1" 301 - "-" "curl/7.29.0"
5、访问日记不记录静态文件
[root@localhost extra]# vim httpd-vhosts.conf
在</IfModule>段落下添加一下代码
SetEnvIf Request_URI ".*\.gif$" img-request
SetEnvIf Request_URI ".*\.jpg$" img-request
SetEnvIf Request_URI ".*\.png$" img-request
SetEnvIf Request_URI ".*\.bmp$" img-request
SetEnvIf Request_URI ".*\.swf$" img-request
SetEnvIf Request_URI ".*\.js$" img-request
SetEnvIf Request_URI ".*\.css$" img-request
CustomLog "| /usr/local/apache2.4/bin/rotatelogs -l logs/123.com-access_%Y%m%d.log 86400" combined env=!img
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost extra]# curl -x127.0.0.1:80 -I testdomain.com
HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Jul 2021 02:53:32 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.39
Location: http://www.testdomain.com/
Content-Type: text/html; charset=iso-8859-1
[root@localhost extra]# ls /usr/local/apache2.4/logs/
123.com-access_20210716.log access_log error_log
123.com-access_20210719.log aming.com-access_log httpd.pid
123.com-access_log aming.com-error_:log
6、访问日记切割
[root@localhost extra]# vim httpd-vhosts.conf
把 DocumentRoot "/data/wwwroot/www.123.com"改成DocumentRoot "/data/wwwroot/testdomain.com"
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost extra]# touch /data/wwwroot/testdomain.com/aming.jpg
[root@localhost extra]# touch /data/wwwroot/testdomain.com/aming.txt
[root@localhost extra]# curl -x127.0.0.1:80 www.testdomain.com/aming.jpg
[root@localhost extra]# curl -x127.0.0.1:80 www.testdomain.com/aming.txt
[root@localhost extra]# cat /usr/local/apache2.4/logs/123.com-access_20210716.log
127.0.0.1 - - [16/Jul/2021:16:10:25 +0600] "HEAD HTTP://testdomain.com/ HTTP/1.1" 301 - "-" "curl/7.29.0"
127.0.0.1 - - [16/Jul/2021:16:17:37 +0600] "GET HTTP://www.testdomain.com/aming.txt HTTP/1.1" 200 - "-" "curl/7.29.0"
192.168.100.1 - - [16/Jul/2021:16:19:36 +0600] "GET / HTTP/1.1" 200 25 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Edg/91.0.864.70"
192.168.100.1 - - [16/Jul/2021:16:19:37 +0600] "GET / HTTP/1.1" 304 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Edg/91.0.864.70"
192.168.100.1 - - [16/Jul/2021:16:19:37 +0600] "GET / HTTP/1.1" 304 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Edg/91.0.864.70"
192.168.100.1 - - [16/Jul/2021:16:19:37 +0600] "GET / HTTP/1.1" 304 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Edg/91.0.864.70"
7、静态元素过期时间
[root@localhost extra]# vim httpd-vhosts.conf
在 CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l lo 下添加代码段
<IfModule mod_expires.c>
ExpiresActive on
ExpiresByType image/gif "access plus 1 days“
ExpiresByType image/jpeg "access plus 24 hours"
ExpiresByType image/png "access plus 24 hours'
ExpiresByType text/css "now plus 2 hour"
ExpiresByType application/x-javascript "now plus 2 hours"
ExpiresByType application/javascript "now plus 2 hours"
ExpiresByType application/x-shockwave-flash "now plus 2 hours"
ExpiresDefault "now plus 0 min"
</IfModule>
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -M |grep -i expires
[root@localhost extra]# vim /usr/local/apache2.4/conf/httpd.conf
搜索关键词expires,找到这一行
LoadModule expires_ module modules/mod_ expires .so 把前面的#删掉
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -M|grep -i expires
expires_module (shared)
测试
[root@localhost extra]# curl -x127.0.0.1:80 -I www.testdomain.com/aming.txt
HTTP/1.1 200 OK
Date: Mon, 19 Jul 2021 03:12:16 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.39
Last-Modified: Mon, 19 Jul 2021 02:59:37 GMT
ETag: "0-5c77120bb93a1"
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Mon, 19 Jul 2021 03:12:16 GMT
Content-Type: text/plain
[root@localhost extra]# curl -x127.0.0.1:80 -I www.testdomain.com/aming.jpg
HTTP/1.1 200 OK
Date: Mon, 19 Jul 2021 03:12:24 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.39
Last-Modified: Mon, 19 Jul 2021 02:59:32 GMT
ETag: "0-5c7712061b7b9"
Accept-Ranges: bytes
Cache-Control: max-age=86400
Expires: Tue, 20 Jul 2021 03:12:24 GMT
Content-Type: image/jpeg
8、配置防盗链
[root@localhost extra]# vim httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/testdomain.com"
ServerName www.testdomain.com
ServerAlias testdomain.com
CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/123.com-access_%Y%m%d.1og 86400"combined env=!image-request
<Directory /data/wwwroot/testdomain.com>
SetEnvIfNoCase Referer "http://www.testdomain.com" local_ref
SetEnvIfNoCase Referer "http://testdomain.com" local_ref
SetEnvIfNoCase Referer "^$" local ref
<filesmatch "\.(txt|doc|mp3|zip|rar|jpg|gif)">
Order Allow,Deny
Allow from env=local_ref
</filesmatch>
</Directory>
</VirtualHost>
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful
测试
[root@localhost extra]# curl -x127.0.0.1:80 -I -e “http://www.testdomain.com/testdomain.txt” http://testdomain.com/aming.jpg
HTTP/1.1 200 OK
Date: Mon, 19 Jul 2021 03:27:27 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.39
Last-Modified: Mon, 19 Jul 2021 02:59:32 GMT
ETag: "0-5c7712061b7b9"
Accept-Ranges: bytes
Content-Type: image/jpeg
9、访问控制-Diretory\FileMatch
[root@localhost extra]# vim httpd-vhosts.conf
把 <Directory>字段全部注释掉,然会新加入
<Directory /data/wwwroot/testdomain.com/admin/>
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Directory>
测试
[root@localhost ~]# echo "admin" > /data/wwwroot/www.123.com/admin/index.htm
[root@localhost extra]# > /usr/local/apache2.4/logs/123.com-access_20210716.log
[root@localhost extra]# curl -x192.168.100.10:80 -I testdomain.com/admin/index.html
HTTP/1.1 404 Not Found
Date: Mon, 19 Jul 2021 03:44:53 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.39
Content-Type: text/html; charset=iso-8859-1
[root@localhost extra]# curl -x127.0.0.1:80 -I testdomain.com/admin/index.html
HTTP/1.1 404 Not Found
Date: Mon, 19 Jul 2021 03:45:04 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.39
Content-Type: text/html; charset=iso-8859-1
[root@localhost extra]# cat /usr/local/apache2.4/logs/123.com-access_20210719.log
127.0.0.1 - - [19/Jul/2021:08:59:50 +0600] "GET HTTP://www.testdomain.com/aming.txt HTTP/1.1" 200 - "-" "curl/7.29.0"
127.0.0.1 - - [19/Jul/2021:09:12:16 +0600] "HEAD HTTP://www.testdomain.com/aming.txt HTTP/1.1" 200 - "-" "curl/7.29.0"
10、访问控制-禁止解析php
[root@localhost extra]# vim httpd-vhosts.conf
注释掉<Directory>然后新加
<Directory /data/wwwroot/testdomain.com/upload>
php_admin_flag engine off
</Directory>
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful、
测试
[root@localhost extra]# cp /usr/local/apache2.4/htdocs/1.php /data/wwwroot/testdomain.com/upload/
[root@localhost extra]# curl -x127.0.0.1:80 testdomain.com/upload/1.php
<?
echo “php解析正确”
?>
11、访问控制-user_agent
[root@localhost extra]# vim httpd-vhosts.conf
注释掉<Directory>然后新加
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} .*curl.* [NC,OR]
RewriteCond %{HTTP_USER_AGENT} .*baidu.com.*[NC]
RewriteRule .* - [F]
</IfModule>
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful
测试
[root@localhost extra]# curl -I -x127.0.0.1:80 testdomain.com/upload/1.php
HTTP/1.1 403 Forbidden
Date: Mon, 19 Jul 2021 04:04:48 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.39
Content-Type: text/html; charset=iso-8859-1
[root@localhost extra]# curl -A “123123” -I -x127.0.0.1:80 testdomain.com/upload/1.php
HTTP/1.1 200 OK
Date: Mon, 19 Jul 2021 04:05:04 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.39
X-Powered-By: PHP/5.6.39
Content-Type: text/html; charset=UTF-8
浙公网安备 33010602011771号