标签:11.18 apache用户认证 - 11.19/11.20 域名跳转 - 11.21 apache访问日志
- 11.18 Apache用户认证
- 11.19/11.20 域名跳转
- 11.21 Apache访问日志
- 扩展
- apache虚拟主机开启php的短标签 http://ask.apelearn.com/question/5370
# 11.18 apache用户认证
### httpd的用户认证
- vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf //把123.com那个虚拟主机编辑成如下内容
```
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
<Directory /data/wwwroot/www.123.com> //指定认证的目录
AllowOverride AuthConfig //这个相当于打开认证的开关
AuthName "123.com user auth" //自定义认证的名字,作用不大
AuthType Basic //认证的类型,一般为Basic,其他类型阿铭没用过
AuthUserFile /data/.htpasswd //指定密码文件所在位置
require valid-user //指定需要认证的用户为全部可用用户
</Directory>
</VirtualHost>
/usr/local/apache2.4/bin/htpasswd -cm /data/.htpasswd aming
```
- 先开打虚拟主机配置文件
```
[root@localhost ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
# Please see the documentation at
# <URL:http://httpd.apache.org/docs/2.4/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option ‘-S‘ to verify your virtual host
# configuration.
#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for all requests that do not
# match a ServerName or ServerAlias in any <VirtualHost> block.
#
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/abc.com"
ServerName abc.com
ServerAlias www.abc.com www.123.com
ErrorLog "logs/abc.com-error_log"
CustomLog "logs/abc.com-access_log" common
</VirtualHost>
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
ServerAlias www.example.com
ErrorLog "logs/111.com-error_log"
CustomLog "logs/111.com-access_log" common
</VirtualHost>
37,5 93%
```
- 把文件内容改为
```
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for all requests that do not
# match a ServerName or ServerAlias in any <VirtualHost> block.
#
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/abc.com"
ServerName abc.com
ServerAlias www.abc.com www.123.com
ErrorLog "logs/abc.com-error_log"
CustomLog "logs/abc.com-access_log" common
</VirtualHost>
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
ServerAlias www.example.com
<Directory /data/wwwroot/111.com>
AllowOverride AuthConfig
AuthName "111.com user auth"
AuthType Basic
AuthUserFile /data/.htpasswd
require valid-user
</Directory>
ErrorLog "logs/111.com-error_log"
CustomLog "logs/111.com-access_log" common
</VirtualHost>
:wq
```
- /usr/local/apache2.4/bin/htpasswd -c -m /data/.htpasswd aming
- -c 是creaate 创建用户 -m 是使用MD5方式 加密 /data/.htpasswd 指定密码文件目录 aming 是创建的新用户
```
[root@localhost ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
[root@localhost ~]# /usr/local/apache2.4/bin/htpasswd -c -m /data/.htpasswd aming
New password:
Re-type new password:
Adding password for user aming
[root@localhost ~]#
[root@localhost ~]# cat /data/.htpasswd
aming:$apr1$EXwYfiem$WmlVecIGEuLU781VJMO6y/
[root@localhost ~]# ls /data/.htpasswd
/data/.htpasswd
[root@localhost ~]#
```
- 再增加一个用户zhangsan
```
[root@localhost ~]# /usr/local/apache2.4/bin/htpasswd -m /data/.htpasswd zhangsan
New password:
Re-type new password:
Adding password for user zhangsan
[root@localhost ~]#
[root@localhost ~]# cat /data/.htpasswd
aming:$apr1$hRjEjYks$LpCPxZ/PUOvox0ZE5Qea9.
zhangsan:$apr1$cwKQ8Lwu$P.iw/DySVIn2sBrAF3AUb0
[root@localhost ~]#
```
- 重新加载配置-t , graceful 绑定hosts,浏览器测试
- curl -x127.0.0.1:80 www.123.com //状态码为401
- curl -x127.0.0.1:80 -uaming:passwd www.123.com //状态码为200
```
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost ~]#
[root@localhost ~]# curl -x127.0.0.1:80 111.com
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>Unauthorized</h1>
<p>This server could not verify that you
are authorized to access the document
requested. Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn‘t understand how to supply
the credentials required.</p>
</body></html>
[root@localhost ~]#
[root@localhost ~]# curl -x127.0.0.1:80 111.com -I
HTTP/1.1 401 Unauthorized
Date: Sun, 08 Oct 2017 14:59:22 GMT
Server: Apache/2.4.27 (Unix) PHP/7.1.6
WWW-Authenticate: Basic realm="111.com user auth"
Content-Type: text/html; charset=iso-8859-1
[root@localhost ~]#
```
- 401 这个状态码 ,是说明你访问的内容需要做用户验证
- 同样也可以在浏览器里面看下,前提你要在windows hosts文件里定义111.com
- 
```
[root@localhost ~]# curl -x127.0.0.1:80 -uaming:123456 111.com -I
HTTP/1.1 200 OK
Date: Sun, 08 Oct 2017 15:50:41 GMT
Server: Apache/2.4.27 (Unix) PHP/7.1.6
X-Powered-By: PHP/7.1.6
Content-Type: text/html; charset=UTF-8
[root@localhost ~]# curl -x127.0.0.1:80 -uaming:123456 111.com
111.com[root@localhost ~]#
```
- 故意输错密码,又是这样
```
111.com[root@localhost ~]# curl -x127.0.0.1:80 -uaming:12345 111.com
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>Unauthorized</h1>
<p>This server could not verify that you
are authorized to access the document
requested. Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn‘t understand how to supply
the credentials required.</p>
</body></html>
[root@localhost ~]#
```
- 关于用户认证还有另一种需求,不想针对所有的目录,一个网站总有一个敏感信息,比如一些后台访问的数据,做一个认证,针对某一个文件,做一个认证
- 打开配置文件
```
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
ServerAlias www.example.com
# <Directory /data/wwwroot/111.com>
<FilesMatch 123.php>
AllowOverride AuthConfig
AuthName "111.com user auth"
AuthType Basic
AuthUserFile /data/.htpasswd
require valid-user
<FilesMatch>
# </Directory>
ErrorLog "logs/111.com-error_log"
CustomLog "logs/111.com-access_log" common
</VirtualHost>
:wq
```
- 把diretory 注释掉,换上<FilesMatch 123.php>
```
[root@localhost ~]# !vi
vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl -t
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost ~]# vim /data/wwwroot/111.com/123.php
<?
echo "123.php";
~
~
[root@localhost ~]# vim /data/wwwroot/111.com/123.php
[root@localhost ~]# !curl
curl -x127.0.0.1:80 -uaming:12345 111.com
111.com[root@localhost ~]# curl -x127.0.0.1:80 111.com
111.com[root@localhost ~]# curl -x127.0.0.1:80 111.com -I
HTTP/1.1 200 OK
Date: Sun, 08 Oct 2017 16:20:06 GMT
Server: Apache/2.4.27 (Unix) PHP/7.1.6
X-Powered-By: PHP/7.1.6
Content-Type: text/html; charset=UTF-8
[root@localhost ~]#
```
- 当使用123.php的时候
```
[root@localhost ~]# curl -x127.0.0.1:80 -uaming:123456 111.com/123.php -I
HTTP/1.1 200 OK
Date: Sun, 08 Oct 2017 16:21:36 GMT
Server: Apache/2.4.27 (Unix) PHP/7.1.6
X-Powered-By: PHP/7.1.6
Content-Type: text/html; charset=UTF-8
[root@localhost ~]#
[root@localhost ~]# curl -x127.0.0.1:80 -uaming:123456 111.com/123.php
123.php[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]#
```
# 11.19 域名跳转 上
- 需求,把123.com域名跳转到www.123.com,配置如下:
```
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
ServerAlias 123.com
<IfModule mod_rewrite.c> //需要mod_rewrite模块支持
RewriteEngine on //打开rewrite功能
RewriteCond %{HTTP_HOST} !^www.123.com$ //定义rewrite的条件,主机名(域名)不是www.123.com满足条件
RewriteRule ^/(.*)$ http://www.123.com/$1 [R=301,L] //定义rewrite规则,当满足上面的条件时,这条规则才会执行
</IfModule>
</VirtualHost>
```
- /usr/local/apache2/bin/apachectl -M|grep -i rewrite //若无该模块,需要编辑配置文件httpd.conf,删除rewrite_module (shared) 前面的#
curl -x127.0.0.1:80 -I 123.com //状态码为301
- 首先打开虚拟主机配置文件,把之前的配置的参数注释掉,暂时不用它了
```
[root@localhost ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
# You may use the command line option ‘-S‘ to verify your virtual host
# configuration.
#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for all requests that do not
# match a ServerName or ServerAlias in any <VirtualHost> block.
#
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/abc.com"
ServerName abc.com
ServerAlias www.abc.com www.123.com
ErrorLog "logs/abc.com-error_log"
CustomLog "logs/abc.com-access_log" common
</VirtualHost>
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
ServerAlias www.example.com
#<Directory /data/wwwroot/111.com>
<FilesMatch 123.php>
AllowOverride AuthConfig
AuthName "111.com user auth"
AuthType Basic
AuthUserFile /data/.htpasswd
require valid-user
</FilesMatch>
#</Directory>
ErrorLog "logs/111.com-error_log"
CustomLog "logs/111.com-access_log" common
</VirtualHost>
46,1 95%
```
- 打开注释掉之前配置的,
```
</VirtualHost>
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
ServerAlias www.example.com
#<Directory /data/wwwroot/111.com>
# <FilesMatch 123.php>
# AllowOverride AuthConfig
# AuthName "111.com user auth"
# AuthType Basic
# AuthUserFile /data/.htpasswd
# require valid-user
#</FilesMatch>
#</Directory>
<IfModule mod_rewrite.c> //需要mod_rewrite模块支持
RewriteEngine on //打开rewrite功能 on表示打开
RewriteCond %{HTTP_HOST} !^111.com$ //定义rewrite的条件,主机名(域名)
不是111.com满足条件 !表示取反的意思,不是111.com
RewriteRule ^/(.*)$ http://www.123.com/$1 [R=301,L] //定义rewrite规则,当满>足上面的条件时,这条规则才会执行
</IfModule>
```
- 写好后,退出保存
```
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
ServerAlias www.example.com 2111.com.cn
#<Directory /data/wwwroot/111.com>
# <FilesMatch 123.php>
# AllowOverride AuthConfig
# AuthName "111.com user auth"
# AuthType Basic
# AuthUserFile /data/.htpasswd
# require valid-user
#</FilesMatch>
#</Directory>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} !^111.com$ RewriteRule ^/(.*)$ http://111.com/$1 [R=301,L]
</IfModule>
ErrorLog "logs/111.com-error_log"
CustomLog "logs/111.com-access_log" common
</VirtualHost>
:wq
[root@localhost ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
[1]+ 已停止 vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
[root@localhost ~]# ls /data/wwwroot/111.com/
123.php index.php
[root@localhost ~]# fg
vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
[root@localhost ~]#
```
# 11.20 域名跳转 下
- 改好配置文件需要重新 检测 加载一下
```
vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl graceful
httpd not running, trying to start
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl start
httpd (pid 2297) already running
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost ~]#
```
- 需要先检测一下apache 有没有加载rewrite模块
```
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl -M |grep rewrite
```
- 因为我们在编译的时候指定了most ,所有这个模块一定存在的,如果没有,那就需要打开配置文件,搜下rewrite
```
[root@localhost ~]# vi /usr/local/apache2.4/conf/httpd.conf
#LoadModule speling_module modules/mod_speling.so
#LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
#LoadModule rewrite_module modules/mod_rewrite.so
#LoadModule php5_module modules/libphp5.so
LoadModule php7_module modules/libphp7.so
<IfModule unixd_module>
#
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
#
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
#
```
- 把#LoadModule rewrite_module modules/mod_rewrite.so 这一行#去掉,让这个模块可以加载出来
```
LoadModule rewrite_module modules/mod_rewrite.so
#LoadModule php5_module modules/libphp5.so
LoadModule php7_module modules/libphp7.so
<IfModule unixd_module>
#
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
#
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
#
:wq
[root@localhost ~]# vi /usr/local/apache2.4/conf/httpd.conf
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl -M |grep rewrite
rewrite_module (shared)
[root@localhost ~]#
```
- 模块现在加载出来了
- cat下虚拟主机配置文件内容
```
[root@localhost ~]# cat /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
ServerAlias www.example.com 2111.com.cn
#<Directory /data/wwwroot/111.com>
# <FilesMatch 123.php>
# AllowOverride AuthConfig
# AuthName "111.com user auth"
# AuthType Basic
# AuthUserFile /data/.htpasswd
# require valid-user
#</FilesMatch>
#</Directory>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} !^111.com$
RewriteRule ^/(.*)$ http://111.com/$1 [R=301,L]
</IfModule>
ErrorLog "logs/111.com-error_log"
CustomLog "logs/111.com-access_log" common
</VirtualHost>
[root@localhost ~]#
```
- 再来看下
```
[root@localhost ~]# netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 839/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1605/master
tcp6 0 0 :::3306 :::* LISTEN 1257/mysqld
tcp6 0 0 :::80 :::* LISTEN 2297/httpd
tcp6 0 0 :::22 :::* LISTEN 839/sshd
tcp6 0 0 ::1:25 :::* LISTEN 1605/master
[root@localhost ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.202.131 netmask 255.255.255.0 broadcast 192.168.202.255
inet6 fe80::ecdd:28b7:612b:cb7 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:2e:28:f2 txqueuelen 1000 (Ethernet)
RX packets 2376 bytes 228809 (223.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1777 bytes 244117 (238.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 72 bytes 6260 (6.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 72 bytes 6260 (6.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@localhost ~]# curl -x192.168.202.131:80 111.com
111.com[root@localhost ~]#
[root@localhost ~]# curl -x192.168.202.131:80 2111.com.cn -I
HTTP/1.1 200 OK
Date: Mon, 09 Oct 2017 12:30:02 GMT
Server: Apache/2.4.27 (Unix) PHP/7.1.6
X-Powered-By: PHP/7.1.6
Content-Type: text/html; charset=UTF-8
[root@localhost ~]# curl -x192.168.202.131:80 2111.com.cn
abc.com[root@localhost ~]#
[root@localhost ~]# curl -x192.168.202.131:80 111.com/123.php -I
HTTP/1.1 200 OK
Date: Mon, 09 Oct 2017 12:32:46 GMT
Server: Apache/2.4.27 (Unix) PHP/7.1.6
X-Powered-By: PHP/7.1.6
Content-Type: text/html; charset=UTF-8
```
- 如果把配置文件里面的 granted 改为denied 就会变成403
```
[root@localhost ~]# vim /usr/local/apache2.4/conf/httpd.conf
# Deny access to the entirety of your server‘s filesystem. You must
# explicitly permit access to web content directories in other
# <Directory> blocks below.
#
<Directory />
AllowOverride none
#Require all granted
Require all denied
</Directory>
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost ~]# curl -x192.168.202.131:80 http://111.com/123.php -I
HTTP/1.1 403 Forbidden
Date: Mon, 09 Oct 2017 12:37:18 GMT
Server: Apache/2.4.27 (Unix) PHP/7.1.6
Content-Type: text/html; charset=iso-8859-1
[root@localhost ~]#
```
- 再进入配置文件 把它改回granted
```
<Directory />
AllowOverride none
Require all granted
</Directory>
#
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something‘s not working as
# you might expect, make sure that you have specifically enabled it
# below.
#
#
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
:wq
```
- 现在再来访问就好了
```
[root@localhost ~]# vim /usr/local/apache2.4/conf/httpd.conf
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost ~]# curl -x192.168.202.131:80 http://111.com/123.php -I
HTTP/1.1 200 OK
Date: Mon, 09 Oct 2017 12:41:18 GMT
Server: Apache/2.4.27 (Unix) PHP/7.1.6
X-Powered-By: PHP/7.1.6
Content-Type: text/html; charset=UTF-8
[root@localhost ~]#
```
- 这个就是域名跳转,也叫做域名重定向
-
# 11.21 apache的访问日志
-访问日志记录用户的每一个请求
vim /usr/local/apache2.4/conf/httpd.conf //搜索LogFormat
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
- 先查看下虚拟主机配置文件内容
```
[root@localhost ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
[root@localhost ~]# ls /usr/local/apache2.4/logs/
111.com-access_log abc.com-access_log access_log httpd.pid
111.com-error_log abc.com-error_log error_log
[root@localhost ~]# ls /usr/local/apache2.4/logs/111.com-access_log
/usr/local/apache2.4/logs/111.com-access_log
[root@localhost ~]# cat !$
127.0.0.1 - - [08/Oct/2017:23:31:59 +0800] "GET HTTP://111.com/ HTTP/1.1" 401 381
127.0.0.1 - - [08/Oct/2017:23:32:05 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 401 -
127.0.0.1 - aming [08/Oct/2017:23:50:41 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 200 -
127.0.0.1 - aming [08/Oct/2017:23:51:08 +0800] "GET HTTP://111.com/ HTTP/1.1" 200 7
127.0.0.1 - aming [08/Oct/2017:23:55:20 +0800] "GET HTTP://111.com/ HTTP/1.1" 401 381
127.0.0.1 - aming [09/Oct/2017:00:19:28 +0800] "GET HTTP://111.com/ HTTP/1.1" 200 7
127.0.0.1 - - [09/Oct/2017:00:19:55 +0800] "GET HTTP://111.com/ HTTP/1.1" 200 7
127.0.0.1 - - [09/Oct/2017:00:20:06 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 200 -
127.0.0.1 - aming [09/Oct/2017:00:21:36 +0800] "HEAD HTTP://111.com/123.php HTTP/1.1" 200 -
127.0.0.1 - aming [09/Oct/2017:00:22:38 +0800] "GET HTTP://111.com/123.php HTTP/1.1" 200 7
127.0.0.1 - aming [09/Oct/2017:00:26:45 +0800] "GET HTTP://111.com/123.php HTTP/1.1" 200 7
192.168.202.131 - - [09/Oct/2017:20:29:12 +0800] "GET HTTP://111.com/ HTTP/1.1" 200 7
192.168.202.131 - - [09/Oct/2017:20:32:46 +0800] "HEAD HTTP://111.com/123.php HTTP/1.1" 200 -
192.168.202.131 - - [09/Oct/2017:20:37:18 +0800] "HEAD http://111.com/123.php HTTP/1.1" 403 -
192.168.202.131 - - [09/Oct/2017:20:41:18 +0800] "HEAD http://111.com/123.php HTTP/1.1" 200 -
[root@localhost ~]#
```
- HEAD是curl 弄出来的
- 192.168.202.131 来源的ip
- [09/Oct/2017:20:32:46 +0800]时间
- "HEAD 行为
- HTTP://111.com/123.php 访问的域名
- HTTP/1.1 它的http的版本1.1
- 200 状态码 200
- 7 是它的大小
-
- 关于日志,是可给它定义格式的,在那里定义呢? 打开主配置文件vim /usr/local/apache2.4/conf/httpd.conf 搜log,找到LogFormat
```
[root@localhost ~]# vim /usr/local/apache2.4/conf/httpd.conf
<IfModule log_config_module>
#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
#
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
# You need to enable mod_logio.c to use %I and %O
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
```
- LogFormat "%h %l %u %t \"%r\" %>s %b" common
- h 你的来源ip l 用户 u 用户名密码 t 时间 r ruquest 行为,网址,s 状态码 ,b 就是它的大小
- 另外一种格式,除了这些东西之外,还有Referer 、 User-Agent (用户代理,通过浏览器,通过curl访问,最终通过网站的内容,是通过浏览器,或者crul 代理的,这个浏览器就是 用户代理,)
- Referer ,比如访问一个网站,进入到首页,又点了一个首页笔记,这个时候服务器上记录这条日志,它还会记录一条信息Referer ,referer 就是这个一个网址跳过来,你访问这个页面的日志,它记录的rerferer 就是它
- 怎么去配置它的日志
- 把虚拟主机配置文件改成如下:
```
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
ServerAlias 123.com
CustomLog "logs/123.com-access_log" combined
</VirtualHost>
重新加载配置文件 -t,graceful
curl -x127.0.0.1:80 -I 123.com
tail /usr/local/apache2.4/logs/123.com-access_log
```
- 首先进入虚拟主机配置文件下面
```
[root@localhost ~]# vim /usr/local/apache2.4/conf/httpd.conf
[root@localhost ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} !^111.com$
RewriteRule ^/(.*)$ http://111.com/$1 [R=301,L]
</IfModule>
ErrorLog "logs/111.com-error_log"
CustomLog "logs/111.com-access_log" common
</VirtualHost>
"/usr/local/apache2.4/conf/extra/httpd-vhosts.conf" 53L, 1705C 51,1 底端
```
- 定义一个新的格式 common 改成 combined
```
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} !^111.com$
RewriteRule ^/(.*)$ http://111.com/$1 [R=301,L]
</IfModule>
ErrorLog "logs/111.com-error_log"
CustomLog "logs/111.com-access_log" combined
</VirtualHost>
:wq
[root@localhost ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost ~]# curl -x192.168.202.131:80 http://111.com/123.php -I
HTTP/1.1 200 OK
Date: Mon, 09 Oct 2017 14:01:53 GMT
Server: Apache/2.4.27 (Unix) PHP/7.1.6
X-Powered-By: PHP/7.1.6
Content-Type: text/html; charset=UTF-8
[root@localhost ~]#
[root@localhost ~]# curl -x192.168.202.131:80 http://111.com/123.php -I
HTTP/1.1 200 OK
Date: Mon, 09 Oct 2017 14:02:25 GMT
Server: Apache/2.4.27 (Unix) PHP/7.1.6
X-Powered-By: PHP/7.1.6
Content-Type: text/html; charset=UTF-8
[root@localhost ~]#
```
- 再用浏览器访问下
- 再看看它的日志
```
[root@localhost ~]# cat /usr/local/apache2.4/logs/111.com-access_log
192.168.202.131 - - [09/Oct/2017:22:01:53 +0800] "HEAD http://111.com/123.php HTTP/1.1" 200 - "-" "curl/7.29.0"
192.168.202.131 - - [09/Oct/2017:22:02:25 +0800] "HEAD http://111.com/123.php HTTP/1.1" 200 - "-" "curl/7.29.0"
[root@localhost ~]#
```
- curl 访问的有 这个crul/7.29.0 但是没有rerferer 并没有记录Rerferer ,因为仅仅是记录crul的,不存在Rerferer一说,浏览器访问的,同样也没有Rerferer ,刷新试试还是没有,只是刷新还是不行,要做一个Rerferer ,需要点一次跳转,
- 192.168.133.1 – – [01/Aug/2017:01:01:21 +0800] “GET /favicon.ico HTTP/1.1” 404 209 “http://111.com/123.php” “Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.104 Safari/537.36 Core/1.53.3226.400 QQBrowser/9.6.11681.400”
- 需要类似于这样的日志,才是浏览器访问的日志,里面有Rerferer
- 这个就是叫做Rerferer http://111.com/123.php” “Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.104 Safari/537.36 Core/1.53.3226
Chrome/53.0.2785.104 Safari/537.36 Core/1.53.3226.400 QQBrowser/9.6.11681.400”
## 扩展
- apache虚拟主机开启php的短标签 http://ask.apelearn.com/question/5370
- 针对apache的虚拟主机开启php短标签
- 在对应的 虚拟主机 配置文件中加入
......
......
......
php_admin_flag short_open_tag on11.18 Apache用户认证 - 11.19/11.20 域名跳转 - 11.21 Apache访问日志
标签:11.18 apache用户认证 - 11.19/11.20 域名跳转 - 11.21 apache访问日志
原文地址:http://ch71smas.blog.51cto.com/13090095/1971035
