码迷,mamicode.com
首页 > 系统相关 > 详细

2018-04-17 Linux学习

时间:2018-04-18 01:06:36      阅读:200      评论:0      收藏:0      [点我收藏+]

标签:Linux学习

11.25 配置防盗链

通过限制 referer 来实现防盗链的功能

配置文件增加如下内容
vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf

<Directory /data/wwwroot/111.com>
    SetEnvIfNoCase Referer "http://www.111.com" local_ref
    SetEnvIfNoCase Referer "http://111.com" local_ref
    SetEnvIfNoCase Referer "^$" local_ref
    <filesmatch "\.(txt|doc|mp3|zip|rar|jpg|gif)">
      Order Allow,Deny
      Allow from env=local_ref
    </filesmatch>
</Directory>

重新加载配置 -t , graceful

curl -e "http://www.qq.com/123.txt" -x127.0.0.1:80 111.com/baidu.png1 -I   自定义 referer

操作过程

[root@aming-01 ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf

<VirtualHost :80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
ServerAlias www.exampl.com 2111.com.cn
<Directory /data/wwwroot/111.com>
SetEnvIfNoCase Referer "http://www.111.com" local_ref
SetEnvIfNoCase Referer "http://111.com" local_ref
SetEnvIfNoCase Referer "^$" local_ref
<filesmatch ".(txt|doc|mp3|zip|rar|jpg|gif)">
Order Allow,Deny
Allow from env=local_ref
</filesmatch>
</Directory>
ErrorLog "logs/111.com-error_log"
SetEnvIf Request_URI "..gif$" img
SetEnvIf Request_URI "..jpg$" img
SetEnvIf Request_URI "..png$" img
SetEnvIf Request_URI "..bmp$" img
SetEnvIf Request_URI "..swf$" img
SetEnvIf Request_URI "..js$" img
SetEnvIf Request_URI "..css$" img
CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/111.com-access_%Y%m%d.log 86400" combined env=!img
</VirtualHost>

[root@aming-01 ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@aming-01 ~]# /usr/local/apache2.4/bin/apachectl graceful

[root@aming-01 ~]# curl -e "http://www.qq.com/123.txt" -x127.0.0.1:80 111.com/baidu.png1 -I
HTTP/1.1 404 Not Found
Date: Fri, 23 Mar 2018 16:53:25 GMT
Server: Apache/2.4.29 (Unix) PHP/5.6.34
Content-Type: text/html; charset=iso-8859-1

11.26 访问控制Directory

核心配置文件内容

<Directory /data/wwwroot/111.com/admin/>
    Order deny,allow
    Deny from all
    Allow from 127.0.0.1
</Directory>

curl 测试状态码为403则被限制访问了

操作过程

[root@aming-01 ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
<VirtualHost :80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
ServerAlias www.exampl.com 2111.com.cn
ErrorLog "logs/111.com-error_log"
<Directory /data/wwwroot/111.com/admin/>
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Directory>
SetEnvIf Request_URI "..gif$" img
SetEnvIf Request_URI "..jpg$" img
SetEnvIf Request_URI "..png$" img
SetEnvIf Request_URI "..bmp$" img
SetEnvIf Request_URI "..swf$" img
SetEnvIf Request_URI "..js$" img
SetEnvIf Request_URI "..css$" img
CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/111.com-access_%Y%m%d.log 86400" combined env=!img
</VirtualHost>

[root@aming-01 ~]# mkdir /data/wwwroot/111.com/admin
[root@aming-01 ~]# vim /data/wwwroot/111.com/admin/index.php

[root@aming-01 ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@aming-01 ~]# /usr/local/apache2.4/bin/apachectl graceful

[root@aming-01 ~]# curl -x127.0.0.1:80 111.com/admin/index.php -I
HTTP/1.1 200 OK
Date: Fri, 23 Mar 2018 21:08:20 GMT
Server: Apache/2.4.29 (Unix) PHP/5.6.34
X-Powered-By: PHP/5.6.34
Content-Type: text/html; charset=UTF-8

[root@aming-01 ~]# curl -x192.168.106.160:80 111.com/admin/index.php -I
HTTP/1.1 403 Forbidden
Date: Fri, 23 Mar 2018 21:08:48 GMT
Server: Apache/2.4.29 (Unix) PHP/5.6.34
Content-Type: text/html; charset=iso-8859-1

11.27 访问控制FilesMatch

访问控制- FilesMatch

核心配置文件内容

<Directory /data/wwwroot/111.com>
    <FilesMatch "admin.php(.*)">
      Order deny,allow
      Deny from all
      Allow from 127.0.0.1
    </FilesMatch>
</Directory>

操作过程

[root@aming-01 ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
<VirtualHost :80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
ServerAlias www.exampl.com 2111.com.cn
ErrorLog "logs/111.com-error_log"
<Directory /data/wwwroot/111.com>
<FilesMatch "admin.php(.)">
Order deny,allow
Deny from all
Allow from 127.0.0.1
</FilesMatch>
</Directory>
SetEnvIf Request_URI "..gif$" img
SetEnvIf Request_URI "..jpg$" img
SetEnvIf Request_URI "..png$" img
SetEnvIf Request_URI "..bmp$" img
SetEnvIf Request_URI "..swf$" img
SetEnvIf Request_URI "..js$" img
SetEnvIf RequestURI ".*.css$" img
CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/111.com-access%Y%m%d.log 86400" combined env=!img
</VirtualHost>

[root@aming-01 ~]# vim /data/wwwroot/111.com/admin.php

[root@aming-01 ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@aming-01 ~]# /usr/local/apache2.4/bin/apachectl graceful

[root@aming-01 ~]# curl -x127.0.0.1:80 111.com/admin.php -I
HTTP/1.1 200 OK
Date: Tue, 17 Apr 2018 14:35:37 GMT
Server: Apache/2.4.29 (Unix) PHP/5.6.35
X-Powered-By: PHP/5.6.35
Cache-Control: max-age=0
Expires: Tue, 17 Apr 2018 14:35:37 GMT
Content-Type: text/html; charset=UTF-8

[root@aming-01 ~]# curl -x192.168.106.160:80 111.com/admin.php -IHTTP/1.1 403 Forbidden
Date: Tue, 17 Apr 2018 14:34:37 GMT
Server: Apache/2.4.29 (Unix) PHP/5.6.35
Content-Type: text/html; charset=iso-8859-1

[root@aming-01 ~]# curl -x192.168.106.160:80 111.com/admin.php?lkajskdfj -I
HTTP/1.1 403 Forbidden
Date: Tue, 17 Apr 2018 14:34:20 GMT
Server: Apache/2.4.29 (Unix) PHP/5.6.35
Content-Type: text/html; charset=iso-8859-1

2018-04-17 Linux学习

标签:Linux学习

原文地址:http://blog.51cto.com/9298822/2104611
(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
分享档案
更多>
2021年07月29日 (22)
2021年07月28日 (40)
2021年07月27日 (32)
2021年07月26日 (79)
2021年07月23日 (29)
2021年07月22日 (30)
2021年07月21日 (42)
2021年07月20日 (16)
2021年07月19日 (90)
2021年07月16日 (35)
周排行
mamicode.com排行更多图片
更多
友情链接
兰亭集智   国之画   百度统计   站长统计   阿里云   chrome插件   新版天听网
关于我们 - 联系我们 - 留言反馈
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!