标签:apache的相关配置
1.apache用户认证
cd /data/www/abc
touch 12.txt
cp /etc/passwd /data/www.abc/12.txt
vim /usr/local/apache/conf/extra/httpd-vhosts.conf
<Directory /data/www/abc>
Allowoverride AuthConfig
Authname "自定义"
AuthType Basic
AuthUserFile /data/.htpasswd
require valid-user
</Directory>
vim /etc/profile.d/path.sh
/usr/local/apache/bin
!source
htpasswd -c /data/.htpasswd user1(创建第二个用户的时候不加参数)
apachectl -t
apachectl graceful
2.默认虚拟主机
cd /tmp/123
chmod 600 /tmp/123
vim /usr/local/apache/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot "/tmp/123"
ServerName 1111.com
</VirtualHost>
3.域名301跳转
vim /usr/local/apache/conf/extra/httpd-vhosts.conf
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www.aaa.com$
RewriteRule ^/(.*)$ http://www.test.com/$1 [R=301,L]
</IfModule>
apachectl -t
apachectl restart
4.apache日志切割(/usr/local/apache/logs)
vim /usr/local/apache/conf/extra/httpd-vhosts.conf
打开和修改
ErrorLog "logs/test.com-error_log"
CustomLog "|/usr/local/apache/bin/rotatelogs -l /usr/local/apache/logs/test.com-access_%Y%m%d_log 86400" combined
5.apache不记录指定文件类型日志
vim /usr/local/apache/conf/extra/httpd-vhosts.conf
SetEnvIf Request_URI ".*\.gif$" image-request
SetEnvIf Request_URI ".*\.jpg$" image-request
SetEnvIf Request_URI ".*\.png$" image-request
SetEnvIf Request_URI ".*\.swf$" image-request
SetEnvIf Request_URI ".*\.js$" image-request
SetEnvIf Request_URI ".*\.css$" image-request
env=!image-request
apachectl -t
apachectl restart
apachectl graceful
6.apache配置静态缓存
vim /usr/local/apache/conf/extra/httpd-vhosts.conf
<ifModule mod_expires.c>
ExpiresActive on
ExpiresByType image/gif "access plus 1 days"
ExpiresByType image/jpeg "access plus 24 hours"
ExpiresByType image/png "access plus 1 days"
ExpiresByType text/css "now plus 2 hours"
ExpiresByType application/x-javascript "now plus 2 hours"
ExpiresByType application/javascript "now plus 2 hours"
ExpiresByType application/x-shockwave-flash "now plus 2 hours"
ExpiresDefault "now plus 0 min"
</ifModule>
测试:curl -x127.0.0.1:80 ‘http://www.test.com/static/image/common/logo.png‘
7.apache配置防盗链
vim /usr/local/apache/conf/extra/httpd-vhosts.conf
SetEnvIfNoCase Referer "^http://.*\.test\.com" local_ref
SetEnvIfNoCase Referer "^http://.*\.\.com" local_ref(引用东西的网站加入白名单)
<filesmatch "\.(txt|doc|mp3|zip|rar|jpg|gif|png|js|css)">
Order Allow,Deny
Allow from env=local_ref
</filesmatch>
8.apache访问控制
vim /usr/local/apache/conf/extra/httpd-vhosts.conf
#某个目录做限制
<Directory /data/www/>
Order allow,deny
Allow from all
Deny from 127.0.0.1
</Directory>
#针对请求的uir去限制
<filesmatch "(.*)admin(.*)">
Order deny,allow
Deny from all
Allow from 127.0.0.1
</filesmatch>
curl -x192.168.255.3:80 -I www.test.com
curl -x127.0.0.1:80 -I www.test.com/forum.php
9.apache禁止解析php
vim /usr/local/apache/conf/extra/httpd-vhosts.conf
<Directory /data/www/data>
php_admin_flag engine off
<filesmatch "(.*)php">
Order deny,allow
Deny from all
Allow from 127.0.0.1
</filesmatch>
</Directory>
curl -x127.0.0.1:80 www.test.com/data/info.php
10.apache禁止指定usr_agent
vim /usr/local/apache/conf/extra/httpd-vhosts.conf
# RewriteCond %{HTTP_USER_AGENT} ^.*curl.* [NC,OR]
# RewriteCond %{HTTP_USER_AGENT} ^.*chrome* [NC]
# RewriteRule .* - [F]
通过rewrite限制某个目录
RewriteCond %{REQUEST_URI} ^.*/tmp/.* [NC]
RewriteRule .* - [F]
apachectl restart
本文出自 “linux运维” 博客,转载请与作者联系!
标签:apache的相关配置
原文地址:http://xxr007.blog.51cto.com/10602872/1879522