关于apache的虚拟主机配置
增加用戶(hù)賬號(hào)的驗(yàn)證
touch /data/.htpasswd
[root@user10data]# htpasswd? -c ?/data/.htpasswd ?user1??#新增第一個(gè)賬號(hào)
[root@user10data]# htpasswd?? /data/.htpasswd ?user2???????#新增第二個(gè)賬號(hào)
?
?編輯/usr/local/apache2/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
#
<VirtualHost*:80>
????? DocumentRoot"/tmp/111/"? #默認(rèn)虛擬主機(jī),添加多一個(gè)不存在的服務(wù)器定義的域名來(lái)創(chuàng)建一個(gè)空目錄/文件,限制不是服務(wù)器自定義域名的訪(fǎng)問(wèn)
????? ServerName www.i1111.com
? </VirtualHost>
?
php_admin_valueopen_basedir "/usr/local/apache2/htdocs/:/tmp/"? #(apapche和php二選一)配置php的網(wǎng)站程序的目錄
??<VirtualHost *:80>
? #??ServerAdmin webmaster@dummy-host.example.com??
????? DocumentRoot"/usr/local/apache2/htdocs/"
????? ServerName www.user10.com??????????????????? #默認(rèn)虛擬主機(jī),指定服務(wù)器自定義域名的訪(fǎng)問(wèn)
????? ServerAlias www.12g3a.com
????? ServerAlias www.12a.com
?
<Directory /usr/local/apache2/htdocs/>
?? #??? Options FollowSymLinks??????? #禁止查看目錄,+FollowSymLinks允許查看目錄
?????? AllowOverride None??????????? #apache訪(fǎng)問(wèn)控制,在主配置文件里復(fù)制過(guò)來(lái)的(控制語(yǔ)句)
?????? Order allow,deny????????????? #看規(guī)則的先后
?????? Allow from all??????????????? #限制某個(gè)IP的訪(fǎng)問(wèn)
?????? Deny from ip
?? </Directory>
?
? ? ? ? ?<filesmatch"(.*)admin(.*)">
????????? Order deny,allow?????????????? #除了指定的ip能訪(fǎng)問(wèn)admin.php,其他無(wú)法訪(fǎng)問(wèn)
????????? deny from all
????????? allow from ip1 ip2
???????? AllowOverrideAuthConfig
????? ???AuthName"abc"???????????????????? #雙重驗(yàn)證
???? ????AuthType Basic
???? ????AuthUserFile?/data/.htpasswd1????? #apache用戶(hù)認(rèn)證
???? ????require valid-user
????? </filesmatch>
?
????? SetEnvIf Request_URI"."\.gif$" p_w_picpath-request
????? SetEnvIf Request_URI"."\.jpg$" p_w_picpath-request
????? SetEnvIf Request_URI"."\.png$" p_w_picpath-request
????? SetEnvIf Request_URI"."\.bmp$" p_w_picpath-request??#apache不記錄指定文件類(lèi)型日志
????? SetEnvIf Request_URI"."\.swp$" p_w_picpath-request
????? SetEnvIf Request_URI "."\.js$"p_w_picpath-request
????? SetEnvIf Request_URI"."\.css$" p_w_picpath-request
??? ??ErrorLog "logs/user10.com-error_log"
???? CustomLog "|/usr/local/apache2/bin/rotatelogs-l /usr/local/apache2/logs/user10.com-access_%Y%m%d_log 86400" combined ?env=!p_w_picpath-request? ?#apache日志切割 #env=!p_w_picpath-request ?#不去記錄p_w_picpath-request指定的文件類(lèi)型#apache不記錄指定文件類(lèi)型日志
<IfModulemod_expires.c>
???? ??ExpiresActive on
????? ?ExpiresByTypep_w_picpath/gif? "access plus 1 days"
???? ??ExpiresByType p_w_picpath/jpeg? "access plus 24 hours"
????? ?ExpiresByTypep_w_picpath/png? "access plus 24hours"???????? #配置靜態(tài)緩存
????? ?ExpiresByTypetext/css? "now plus 2 hourss"
????? ?ExpiresByTypeapplicantion/x-javascript? "now plus2 hours"
????? ?ExpiresByTypeapplicantion/x-shockware-flash? "nowplus 2 hours"
????? ?ExpiresDefault? "now plus 0 min"
??? </IfModule>
?
????? ?SetEnvIfNoCase?Referer "^http://.*\.user10\.com local_ref?????? #將本機(jī)的域名放在白名單
????? ?SetEnvIfNoCase?Referer ".*\.user11\.com" local_ref ?????????????#將這個(gè)網(wǎng)址加入白名單
???? <filesmatch "\.(doc|mp3|zip|rar|jpg|gif|png|js|css|jpeg)">??? #限制顯示
????????? Order Allow,Deny??????????????????????????????????????????? #配置apache防盜鏈
????????? Allow from env=local_ref? #允許定義local_ref,其他拒絕
??????????? Deny from all
????? </filesmatch>
?
?<Directory /usr/local/apache2/htdocs/data/>
???? php_admin_flag engine off????????????? #虛擬主機(jī)中限定某個(gè)目錄不解析php,關(guān)閉php解釋引擎
??? <filesmatch "(.*)php">
??????????? Order deny,allow??????????????????? #配置apache禁止解釋php
??????????? Deny from all????????????????????? #使其不能下載php文件
??????????? #allow from ip???????????? ??????????#去掉注釋允許某個(gè)ip下載
??? </filesmatch>
?</Directory>
?
???<IfModule mod_rewrite.c>
????RewriteEngine on
???? ?RewriteCond ?%{HTTP_HOST} ^www.12g3a.com$ [OR]??????? #定義的條件
?????RewriteCond ?%{HTTP_HOST}^www.12a.com$???????????????? #配置301跳轉(zhuǎn)(域名重定向)
?????RewriteRule ?^/(.*)$? http://www.user10.com/$1 [R=301,L]??
???? ?RewriteCond ?%{HTTP_USER_AGENT}? ^.*curl.* [NC,OR]??????????? #匹配,NC:不區(qū)分大小寫(xiě)
?????RewriteCond ?%{HTTP_USER_AGENT}? ^.*chrome* [NC,OR]???????? #加上注釋#,不認(rèn)為禁掉
???? ?RewriteCond %{HTTP_USER_AGENT}? ^.*aeg* [NC]?????? #禁用USER_AGENT,隨意指定的必須,這樣就可以使IE瀏覽器和第三方瀏覽器同時(shí)使用
?????RewriteRule ?.* - [F]????????????????????????????????? #直接禁掉,[F]代表Forbidden
????? RewriteCond? %{REQUEST_URI} ^.*/tmp/.*? [NC]??????#通過(guò)rewrite來(lái)限制某個(gè)目錄,禁止訪(fǎng)問(wèn)/tmp/下的文件
???? RewriteRule .* - [F]
???</IfModule>
?
?<Directory/usr/local/apache2/htdocs/abc/>???????#針對(duì)某個(gè)目錄做認(rèn)證登錄
????? AllowOverride AuthConfig
????? AuthName "abc"
????? AuthType Basic
????? AuthUserFile? /data/.htpasswd1????? #apache用戶(hù)認(rèn)證
????? require valid-user
??? </Directory>
?
<Directory/usr/local/apache2/htdocs/bcd/>???????#針對(duì)某個(gè)目錄做認(rèn)證登錄
????? AllowOverride AuthConfig
????? AuthName "abc"
????? AuthType Basic
????? AuthUserFile? /data/.htpasswd?????? #apache用戶(hù)認(rèn)證
????? require valid-user
??? </Directory>
</VirtualHost>
?
?
檢測(cè)配置是否正確
curl ?-A “gaega”-x192.168.0.168:80{www.12a.com,www.123.com} –I?? #-A:模擬user_agent
HTTP/1.1 301 MovedPermanently
Date: Tue, 05 Jan 201615:51:43 GMT
Server: Apache/2.2.24 (Unix)mod_ssl/2.2.24 OpenSSL/0.9.8b DAV/2 PHP/5.5.30
Location:http://www.user10.com/
Content-Type: text/html;charset=iso-8859-1
?
HTTP/1.1 301 MovedPermanently
Date: Tue, 05 Jan 201615:51:43 GMT
Server: Apache/2.2.24 (Unix)mod_ssl/2.2.24 OpenSSL/0.9.8b DAV/2 PHP/5.5.30
Location: http://www.user10.com/
Content-Type: text/html;charset=iso-8859-1
?
?
在主配置文件/usr/local/apache2/conf/httpd.conf找到includeconf/extra/httpd-vhosts.conf這一行的注釋去除掉,不然用戶(hù)驗(yàn)證不成功
?
vim/etc/profile.d/path.sh
?#!/bin/bash
?exportPATH=$PATH:/usr/local/mysql/bin:/usr/local/apache2/bin
?
?
apachectl -M?? #查看apache安裝了什么支持的模塊
[root@user10~]# apachectl -M
Loaded Modules:
?core_module (static)
?mpm_prefork_module (static)
?http_module (static)
?so_module (static)
?authn_file_module (shared)
?authn_dbm_module (shared)
?authn_anon_module (shared)
?authn_dbd_module (shared)
?authn_default_module (shared)
?authz_host_module (shared)
?authz_groupfile_module (shared)
?authz_user_module (shared)
?authz_dbm_module (shared)
?authz_owner_module (shared)
?authz_default_module (shared)
?auth_basic_module (shared)
?auth_digest_module (shared)
?dbd_module (shared)
?dumpio_module (shared)
?reqtimeout_module (shared)
?ext_filter_module (shared)
?include_module (shared)
?filter_module (shared)
?substitute_module (shared)
?deflate_module (shared)
?log_config_module (shared)
?logio_module (shared)
?env_module (shared)
?expires_module (shared)
?headers_module (shared)
?ident_module (shared)
?setenvif_module (shared)
?version_module (shared)
?ssl_module (shared)
?mime_module (shared)
?dav_module (shared)
?status_module (shared)
?autoindex_module (shared)
?asis_module (shared)
?info_module (shared)
?cgi_module (shared)
?dav_fs_module (shared)
?vhost_alias_module (shared)
?negotiation_module (shared)
?dir_module (shared)
?p_w_picpathmap_module (shared)
?actions_module (shared)
?speling_module (shared)
?userdir_module (shared)
?alias_module (shared)
?rewrite_module (shared)
?php5_module (shared)
Syntax OK
apachectl -l??? #查看apache已安裝的模塊,不指定模式是默認(rèn)prefork
[root@user10 ~]# apachectl -l
Compiled in modules:
? core.c
? prefork.c
? http_core.c
? mod_so.c
?
? ? ? ? ? ? ? ? ? ? ? ? ? ? ?
OR?? #或者,如果不設(shè)置,會(huì)被認(rèn)為兩個(gè)條件同時(shí)存在
(.*) ?#代表不包含HOST
/ ??# 代表將域名省掉
301?? #永久重定向
302?? #臨時(shí)重定向
L??? #代表最后,結(jié)束
401? #請(qǐng)求未經(jīng)授權(quán),需要身份驗(yàn)證返回狀態(tài)碼
403
404
500? #php的錯(cuò)誤
?
概念:
Apache防盜鏈:防止網(wǎng)站的東西被盜用
referer:%{Referer}指的是啟動(dòng)瀏覽器訪(fǎng)問(wèn)第一個(gè)的網(wǎng)址就是referer,即使是訪(fǎng)問(wèn)自定義域名(www.12a.com)做了跳轉(zhuǎn)到真正的網(wǎng)址(www.user10.com),真正的網(wǎng)址就是%{Referer}
點(diǎn)擊下一個(gè)網(wǎng)址的連接前,當(dāng)前瀏覽器的網(wǎng)址就是referer
指的是,它從哪里跳過(guò)來(lái)的。 比如你訪(fǎng)問(wèn)的一個(gè)網(wǎng)頁(yè)地址是http://123.com/1.html 這個(gè)頁(yè)面中有一個(gè)網(wǎng)址http://234.com/2.html 你直接點(diǎn)這個(gè)鏈接進(jìn)入到了 234.com/2.html 那這時(shí)候,日志中會(huì)記錄一條日志 2.html 它的referer是 http://123.com/1.html?
?
訪(fǎng)問(wèn)控制:
? 發(fā)現(xiàn)***,可以封IP,從主配置里配置的一個(gè)模板復(fù)制到虛擬主機(jī)的配置里
?
靜態(tài)緩存:設(shè)置一些圖片,css文件的緩存保存時(shí)間,當(dāng)時(shí)間一過(guò)(即過(guò)期以后)那瀏覽器就會(huì)將這些緩存文件進(jìn)行刪除。當(dāng)再重新打開(kāi)此網(wǎng)頁(yè)時(shí),那些文件又會(huì)再被重新緩存。
可緩存幾個(gè)小時(shí)或者幾天時(shí)間,時(shí)間過(guò)后可重新請(qǐng)求,但不會(huì)在服務(wù)端請(qǐng)求,從而節(jié)省帶寬。
[root@user10 ~]#curl -x192.168.0.168:80'http://www.user10.com/static/p_w_picpath/common/logo_88_31.gif' -I
HTTP/1.1 200 OK
Date: Thu, 07Jan 2016 02:49:38 GMT
Server:Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/0.9.8b DAV/2 PHP/5.5.30
Last-Modified:Mon, 04 Jan 2016 14:51:47 GMT
ETag:"d9087-9e0-52883429d86c0"
Accept-Ranges:bytes
Content-Length:2528
Cache-Control:max-age=86400
Expires: Fri,08 Jan 2016 02:49:38 GMT
Content-Type:p_w_picpath/gif
?
User_agent的概念:瀏覽器的版本,搜索引擎的爬蟲(chóng)
apache運(yùn)行的用戶(hù)就是daemon
apache防盜鏈的概念:只要不是服務(wù)器上白名單定義的域名,其他網(wǎng)站都是插入該網(wǎng)站的資源就拒絕訪(fǎng)問(wèn)
apache日志切割概念:
CustomLog"|/usr/local/apache2/bin/rotatelogs -l /usr/local/apache2/logs/user10.com-access_%Y%m%d_logi86400/5M" combined
|???? #管道,把日志交給后面的rotatelogs工具處理
86400/5M? #單位秒,一天一個(gè)日志/一個(gè)日志為5M
?
/usr/local/apache2/conf/httpd.conf
<IfModulelog_config_module>
???? # The following directives define someformat nicknames for use with
???? # a CustomLog directive (see below).
???? #
???? LogFormat "%h %l %u %t\"%r\" %>s %b \"%{Referer}i\"\"%{User-Agent}i\"" combined
???? LogFormat "%h %l %u %t\"%r\" %>s %b" common
?
???? <IfModule logio_module>
?????? # You need to enable mod_logio.c to use%I and %O,自定義
?????? LogFormat "%h %l %u %t\"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"%I %O" combinedio
???? </IfModule>
%h??? #來(lái)源IP
--?? #空的,所以這樣表示
%u?? #user,用戶(hù)
%t??? #當(dāng)前時(shí)間
%r??? #動(dòng)作
%{Referer}???? #網(wǎng)址
%{User-Agent}??? #使用瀏覽器的相關(guān)信息
可限制來(lái)源ip使用的user-agent類(lèi)
curl -A "ggaweagew"? -xip:80 網(wǎng)址 –I?? #-A:模仿user_agent
apachectl graceful ?#重新加載配置
apachectl ?-S? #查詢(xún)虛擬機(jī)的域名配置所在的行數(shù)
apache調(diào)用了php的libphp5.so文件
?
加入啟動(dòng):
vi /etc/profile.d/path.sh
#!/bin/bash
exportPATH=$PATH:/usr/local/mysql/bin:/usr/local/apache2/bin
chmod 755 /etc/profile.d/path.sh
轉(zhuǎn)載于:https://blog.51cto.com/wsw26/1750698
總結(jié)
以上是生活随笔為你收集整理的关于apache的虚拟主机配置的全部?jī)?nèi)容,希望文章能夠幫你解決所遇到的問(wèn)題。
- 上一篇: LightGBM中GBDT的实现
- 下一篇: HDU 5777 domino