Apache默认虚拟主机
在虚拟主机配置文件中第一个虚拟主机
vim vim /usr/local/apache2/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
# ServerAdmin webmaster@dummy-host.example.com
DocumentRoot "/tmp/123"
ServerName 111.com
</VirtualHost>
保存后
mkdir /tmp/123
chmod 600 /tmp/123
Apache域名301跳转
在虚拟主机配置文件中加入
vim /usr/local/apache2/conf/extra/httpd-vhosts.conf
<IfModule mod_rewrite.c>
# RewriteEngine on
RewriteCond %{HTTP_HOST} ^bbb.com
RewriteRule ^/(.*)$ https://cache.yisu.com/upload/information/20200310/68/125221.jpg$" p_w_picpath-request
SetEnvIf Request_URI ".*\.jpg$" p_w_picpath-request
SetEnvIf Request_URI ".*\.png$" p_w_picpath-request
SetEnvIf Request_URI ".*\.bmp$" p_w_picpath-request
SetEnvIf Request_URI ".*\.swf$" p_w_picpath-request
SetEnvIf Request_URI ".*\.js$" p_w_picpath-request
SetEnvIf Request_URI ".*\.css$" p_w_picpath-request
CustomLog "|/usr/local/apache2/bin/rotatelogs -l /usr/local/apache2/logs/test.com__%Y%m%d_log 86400" combined env=!p_w_picpath-request
2.2 Apache 配置静态缓存
修改虚拟主机配置文件
vim /usr/local/apache2/conf/extra/httpd-vhosts.conf
ErrorLog "/usr/local/apache2/logs/tset.com-error_log"
SetEnvIf Request_URI ".*\.gif$" p_w_picpath-request
SetEnvIf Request_URI ".*\.jpg$" p_w_picpath-request
SetEnvIf Request_URI ".*\.png$" p_w_picpath-request
SetEnvIf Request_URI ".*\.bmp$" p_w_picpath-request
SetEnvIf Request_URI ".*\.swf$" p_w_picpath-request
SetEnvIf Request_URI ".*\.js$" p_w_picpath-request
SetEnvIf Request_URI ".*\.css$" p_w_picpath-request
CustomLog "|/usr/local/apache2/bin/rotatelogs -l /usr/local/apache2/logs/test.com__%Y%m%d_log 86400" combined env=!p_w_picpath-request
<Ifmodule mod_expires.c>
ExpiresActive on
ExpiresByType p_w_picpath/gif "access plus 1 days"
ExpiresByType p_w_picpath/jpeg "access plus 24 hours"
ExpiresByType p_w_picpath/png "access plus 24 hours"
ExpiresByType txt/ccs "now plus 2 hours"
ExpiresByType application/x-javascript "now plus 2 hours"
ExpiresByType application/javascript "now plus 2 hours"
ExpiresByType application/x-shockwave-flash "now plus 2 hours"
ExpiresDefault "now plus 0 min"
</Ifmodule>
2.3 Apache配置防盗链
修改虚拟主机配置文件加上
vim /usr/local/apache2/conf/extra/httpd-vhosts.conf
SetEnvIfNoCase Referer "^http://.*\.aaa\.com" local_ref
SetEnvIfNoCase Referer ".*\.bbb\.com" local_ref
SetEnvIfNoCase Referer "^$" local_ref
<filesmatch "\.(txt|doc|mp3|zip|rar|jpg|png|gif|js|css)">
Order Allow,Deny
Allow from env=local_ref
</filesmatch>
Apache访问控制
在虚拟主机配置文件加上
vim /usr/local/apache2/conf/extra/httpd-vhosts.conf
<Directory />
AllowOverride None
Order allow,deny
Allow from all
Deny from 1.1.1.1
</Directory>
Apache禁止解析php
在虚拟主机配置文件加上
vim /usr/local/apache2/conf/extra/httpd-vhosts.conf
<Directory /data/www/data>
php_admin_flag engine off
<filesmatch "(.*)php">
Order deny,allow
Deny from all
</filesmatch>
</Directory>
Apache 禁止指定user_agent
user_agent 搜索引擎
限制了curl 和chrome 浏览器访问
<IfModule mod_rewrite.c>
RewriteEngine on 相当于开关
RewriteCond %{HTTP_USER_AGENT} ^.*curl.* [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*chrome* [NC]
RewriteRule .* - [F]
</IfModule>
Apache通过rewrite限制某个目录
<IfModule mod_rewrite.c>
RewriteEngine on 相当于开关
RewriteCond %{REQUEST_URI} ^.*/tmp/.* [NC]
RewriteRule .* - [F]
</IfModule>
Apache--admin加密
在虚拟主机配置文件加上
vim /usr/local/apache2/conf/extra/httpd-vhosts.conf
<Directory /data/www/admin.php>
AllowOverride AuthConfig
AuthName "aaaaa"
AuthType Basic
AuthUserFile /data/.htpasswd
require valid-user
</Directory>
保存后创建Apache的验证用户
/usr/local/apache2/bin/htpasswd -c /data/.htpasswd user
-----------------------------------------------------------------
总配置文件
<VirtualHost *:80>
# ServerAdmin webmaster@dummy-host.example.com
DocumentRoot "/tmp/123"
ServerName 111.com
</VirtualHost>
<VirtualHost *:80>
# ServerAdmin webmaster@dummy-host.example.com
DocumentRoot "/data/www/"
ServerName aaa.com
ServerAlias bbb.com
# ErrorLog "logs/test2.com-error_log"
# CustomLog "logs/test2.com_log" combined
ErrorLog "/usr/local/apache2/logs/tset.com-error_log"
SetEnvIf Request_URI ".*\.gif$" p_w_picpath-request
SetEnvIf Request_URI ".*\.jpg$" p_w_picpath-request
SetEnvIf Request_URI ".*\.png$" p_w_picpath-request
SetEnvIf Request_URI ".*\.bmp$" p_w_picpath-request
SetEnvIf Request_URI ".*\.swf$" p_w_picpath-request
SetEnvIf Request_URI ".*\.js$" p_w_picpath-request
SetEnvIf Request_URI ".*\.css$" p_w_picpath-request
CustomLog "|/usr/local/apache2/bin/rotatelogs -l /usr/local/apache2/logs/test.com__%Y%m%d_log 86400" combined env=!p_w_picpath-request
<Ifmodule mod_expires.c>
ExpiresActive on
ExpiresByType p_w_picpath/gif "access plus 1 days"
ExpiresByType p_w_picpath/jpeg "access plus 24 hours"
ExpiresByType p_w_picpath/png "access plus 24 hours"
ExpiresByType txt/ccs "now plus 2 hours"
ExpiresByType application/x-javascript "now plus 2 hours"
ExpiresByType application/javascript "now plus 2 hours"
ExpiresByType application/x-shockwave-flash "now plus 2 hours"
ExpiresDefault "now plus 0 min"
</Ifmodule>
SetEnvIfNoCase Referer "^http://.*\.aaa\.com" local_ref
SetEnvIfNoCase Referer ".*\.bbb\.com" local_ref
SetEnvIfNoCase Referer "^$" local_ref
<filesmatch "\.(txt|doc|mp3|zip|rar|jpg|png|gif|js|css)">
Order Allow,Deny
Allow from env=local_ref
</filesmatch>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^bbb.com
RewriteRule ^/(.*)$ http://aaa.com/$1 [R=301,L]
RewriteEngine on
RewriteCond %{REQUEST_URI} ^.*/tmp/.* [NC]
RewriteRule .* - [F]
</IfModule>
<Directory /data/www/admin>
AllowOverride AuthConfig
AuthName "aaaaa"
AuthType Basic
AuthUserFile /data/.htpasswd
require valid-user
</Directory>
<Directory />
AllowOverride None
Order allow,deny
Allow from all
Deny from 1.1.1.1
</Directory>
<Directory /data/www/data>
php_admin_flag engine off
<filesmatch "(.*)php">
Order deny,allow
Deny from all
</filesmatch>
</Directory>
<Directory /data/www/admin.php>
AllowOverride AuthConfig
AuthName "aaaaa"
AuthType Basic
AuthUserFile /data/.htpasswd
require valid-user
</Directory>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^.*curl.* [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*chrome* [NC]
RewriteRule .* - [F]
</IfModule>
</VirtualHost>
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。
