# 默认虚拟主机
<VirtualHost *:80>
DocumentRoot "/tmp/123"## 目录“/tmp/123”需要提前创建,并赋予600的权限
ServerName 333.com
</VirtualHost>
# Discuz配置
<VirtualHost *:80>
DocumentRoot "/data/www"
ServerName www.111.com
ServerAlias www.222.com
php_admin_value open_basedir "/data/www/:/tmp/ ## 区分不同虚拟机,限制多个
# Apache访问控制
<Directory "/data/www">
AllowOverride None
Options None
Order allow,deny
Allow from all
Deny from 127.0.0.1
</Directory>
# 根据“admin.php”来做个白名单
<filesmatch "(.*)admin(.*)">
Order deny,allow
Deny from all
Allow from 127.0.0.1
</filesmatch>
ErrorLog "111.com-error_log"
# 不记录指定文件日志
SetEnvIf Resquest_URI ".*\.gif$" image-request
SetEnvIf Resquest_URI ".*\.jpg$" image-request
SetEnvIf Resquest_URI ".*\.png$" image-request
SetEnvIf Resquest_URI ".*\.bmp$" image-request
SetEnvIf Resquest_URI ".*\.swf$" image-request
SetEnvIf Resquest_URI ".*\.js$" image-request
SetEnvIf Resquest_URI ".*\.css$" image-request
# 日志切割(目录在/usr/local/apache2/logs下)
CustomLog "|/usr/local/apache2/bin/rotatelogs -l /usr/local/apache2/logs/111.com-access_Y%m%d%_log 86400" combined env=!image-request
# 配置静态缓存
<IfModule mod_expires.c>
ExpiresActive on
ExpiresByType image/gif "access plus 1 days"
ExpiresByType image/jpeg "access plus 24 hours"
ExpiresByType image/png "access plus 24 hours"
ExpiresByType test/css "now plus 2 hour"
ExpiresByType application/x-javascript "now plus 2 hours"
ExpiresByType application/x-shockwave-flash "now plus 2 hours"
ExpiresDefault "now plus 0 min"
</IfModule>
# 配置防盗链
SetEnvIfNoCase Referer "^http://.*\.111\.com" local_ref
SetEnvIfNoCase Referer ".*\.222\.com" local_ref
<filesmatch "\.(txt|doc|mp3|zip|rar|jpg|gif|png|js|css)">
Order Allow,Deny
Allow from env=local_ref
</filesmatch>
# Apache禁止解析php
<Directory /data/www/data>
php_admin_flag engine off
<filesmatch "(.*)php">
Order deny,allow
Deny from all
</filesmatch>
</Directory>
# 域名301跳转
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www.222.com$
RewriteRule ^/(.*)$ http://www.111.com/$1 [R=301,L]
# 禁止指定user_agent
RewriteCond %{HTTP_USER_AGENT} ^.*curl.* [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*chrome* [NC]
RewriteRule .* - [F]
# 禁止通过浏览器访问某个目录
RewriteCond %{REQUEST_URI} ^.*/tmp/.* [NC]
RewriteRule .* - [F]
</IfModule>
# 用户认证
<Directory /data/www/abc/>
AllowOverride AuthConfig
AuthName "yonghuming"
AuthType Basic
AuthUserFile /data/.htpasswd ## htpasswd -c /data/.htpasswd user1 这个在配置完别忘了创建
require valid-user
</Directory>
</VirtualHost>
原文地址:http://286577399.blog.51cto.com/10467610/1673211