Apache 配置 之 访问控制
访问控制的设置:假设:在日志里发现某个IP 尝试***我的站点,就可以通过配置把这个IP 封掉。
拷贝模版
vim /usr/local/apache2/conf/httpd.conf
AllowOverride None
Options None
Order allow,deny#Order :谁在前,先执行谁。不分上下,只分前后。
Allow from all #允许所有IP
Deny from 127.0.0.1# 控制这个IP
# apachectl -t
Syntax OK
# apachectl restart
# curl -x127.0.0.1:80 -I www.test.com
HTTP/1.1 403 Forbidden #此时访问不到127.0.0.1
Date: Tue, 27 Sep 2016 12:31:27 GMT
Server: Apache/2.2.31 (Unix) PHP/5.6.24
Content-Type: text/html; charset=iso-8859-1
-------------------------------------------------------------------------------------------
白名单限制,限制指定的IP 访问。
# vim /usr/local/apache2/conf/extra/httpd-vhosts.conf
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
# apachectl -t
Syntax OK
# apachectl restart
# curl -x10.72.4.30:80 -I www.test.com/admin.php
HTTP/1.1 403 Forbidden #限制成功,403 不能访问
Date: Tue, 27 Sep 2016 12:46:15 GMT
Server: Apache/2.2.31 (Unix) PHP/5.6.24
Content-Type: text/html; charset=iso-8859-1
---------------------------------------------
# curl -x127.0.0.1:80 -I www.test.com/admin.php
HTTP/1.1 200 OK # 可以访问
Date: Tue, 27 Sep 2016 12:48:48 GMT
Server: Apache/2.2.31 (Unix) PHP/5.6.24
X-Powered-By: PHP/5.6.24
Set-Cookie: gfwC_2132_saltkey=IYZYTY7u; expires=Thu, 27-Oct-2016 12:48:48 GMT; Max-Age=2592000; path=/; httponly
Set-Cookie: gfwC_2132_lastvisit=1474976928; expires=Thu, 27-Oct-2016 12:48:48 GMT; Max-Age=2592000; path=/
Set-Cookie: gfwC_2132_sid=POGGLH; expires=Wed, 28-Sep-2016 12:48:48 GMT; Max-Age=86400; path=/
Set-Cookie: gfwC_2132_lastact=1474980528%09admin.php%09; expires=Wed, 28-Sep-2016 12:48:48 GMT; Max-Age=86400; path=/
Cache-Control: max-age=0
Expires: Tue, 27 Sep 2016 12:48:48 GMT
Content-Type: text/html; charset=gbk
页:
[1]