zhwz 发表于 2018-11-19 09:19:16

apache的相关配置

  
  1.apache用户认证
  cd /data/www/abc
  touch 12.txt
  cp /etc/passwd /data/www.abc/12.txt
  vim /usr/local/apache/conf/extra/httpd-vhosts.conf
  
  Allowoverride AuthConfig
  Authname "自定义"
  AuthTypeBasic
  AuthUserFile /data/.htpasswd
  require valid-user
  
  vim /etc/profile.d/path.sh
  /usr/local/apache/bin
  !source
  htpasswd -c /data/.htpasswd user1(创建第二个用户的时候不加参数)
  apachectl -t
  apachectl graceful
  2.默认虚拟主机
  cd /tmp/123
  chmod 600 /tmp/123
  vim /usr/local/apache/conf/extra/httpd-vhosts.conf
  
  DocumentRoot "/tmp/123"
  ServerName 1111.com
  
  3.域名301跳转
  vim /usr/local/apache/conf/extra/httpd-vhosts.conf
  
  RewriteEngine on
  RewriteCond %{HTTP_HOST} ^www.aaa.com$
  RewriteRule ^/(.*)$ http://www.test.com/$1
  
  apachectl -t
  apachectl restart
  4.apache日志切割(/usr/local/apache/logs)
  vim /usr/local/apache/conf/extra/httpd-vhosts.conf
  打开和修改
  ErrorLog "logs/test.com-error_log"
  CustomLog "|/usr/local/apache/bin/rotatelogs -l /usr/local/apache/logs/test.com-access_%Y%m%d_log 86400" combined
  5.apache不记录指定文件类型日志
  vim /usr/local/apache/conf/extra/httpd-vhosts.conf
  SetEnvIf Request_URI ".*\.gif$" image-request
  SetEnvIf Request_URI ".*\.jpg$" image-request
  SetEnvIf Request_URI ".*\.png$" image-request
  SetEnvIf Request_URI ".*\.swf$" image-request
  SetEnvIf Request_URI ".*\.js$" image-request
  SetEnvIf Request_URI ".*\.css$" image-request
  env=!image-request
  apachectl -t
  apachectl restart
  apachectl graceful
  6.apache配置静态缓存
  vim /usr/local/apache/conf/extra/httpd-vhosts.conf
  
  ExpiresActive on
  ExpiresByType image/gif "access plus 1 days"
  ExpiresByType image/jpeg "access plus 24 hours"
  ExpiresByType image/png "access plus 1 days"
  ExpiresByType text/css "now plus 2 hours"
  ExpiresByType application/x-javascript "now plus 2 hours"
  ExpiresByType application/javascript "now plus 2 hours"
  ExpiresByType application/x-shockwave-flash "now plus 2 hours"
  ExpiresDefault "now plus 0 min"
  
  测试:curl -x127.0.0.1:80 'http://www.test.com/static/image/common/logo.png'
  7.apache配置防盗链
  vim /usr/local/apache/conf/extra/httpd-vhosts.conf
  SetEnvIfNoCase Referer "^http://.*\.test\.com" local_ref
  SetEnvIfNoCase Referer "^http://.*\.\.com" local_ref(引用东西的网站加入白名单)
  
  Order Allow,Deny
  Allow from env=local_ref
  
  8.apache访问控制
  vim /usr/local/apache/conf/extra/httpd-vhosts.conf
  #某个目录做限制
  
  Order allow,deny
  Allow from all
  Deny from 127.0.0.1
  
  #针对请求的uir去限制
  
  Order deny,allow
  Deny from all
  Allow from 127.0.0.1
  
  curl -x192.168.255.3:80 -I www.test.com
  curl -x127.0.0.1:80 -I www.test.com/forum.php
  9.apache禁止解析php
  vim /usr/local/apache/conf/extra/httpd-vhosts.conf
  
  php_admin_flag engine off
  
  Order deny,allow
  Deny from all
  Allow from 127.0.0.1
  
  
  curl -x127.0.0.1:80 www.test.com/data/info.php
  10.apache禁止指定usr_agent
  vim /usr/local/apache/conf/extra/httpd-vhosts.conf
  # RewriteCond %{HTTP_USER_AGENT} ^.*curl.*
  # RewriteCond %{HTTP_USER_AGENT} ^.*chrome*
  # RewriteRule .* -
  通过rewrite限制某个目录
  RewriteCond %{REQUEST_URI} ^.*/tmp/.*
  RewriteRule .* -
  apachectl restart
  

  

  




页: [1]
查看完整版本: apache的相关配置