/写在前头
1.Apache HTTP 服务器2.4文档:
http://httpd.apache.org/docs/2.4/
2..httpd.conf详解:
http://www.php100.com/html/webkaifa/apache/2009/0418/1192.html
///目录//
1.基本配置
2.用户认证
3.静态缓存
4.域名跳转
5.防盗链
6.日志
7.访问控制
8.代理
/
遇到php不能解析:
1./usr/local/apache2/bin/apachetcl -M |grep -i php看看有没有加载php5module
2.vi /usr/local/apache2/conf/httpd.conf看看有没有AddType(修改了必须重启)
3.getenforce 看看selinux有没有关
/
基本配置:
在httpd.conf内增加:
AddType application/x-httpd-php .php
DirectoryIndex index.html index.php
/
用户认证
配置参考如下:
<Directory /data/www>
AllowOverride AuthConfig
AuthName "TheNameYouWant"
AuthType Basic
AuthUserFile /data/.htpasswd #ThePathYouWant
require valid-user
</Directory>
.htpasswd is a code file
用/usr/local/apache2/bin/htpasswd -c /data/.htpasswd username
if it is the first time to use the tool htpasswd , please use -c
/
开启静态缓存:
LoadModule expires_module modules/mod_expires.so
配置参考如下:
<IfModule mod_expires.c>
ExpiresActive on
ExpiresByType image/gif "access plus 1 days"
ExpiresByType image/jpeg "access plus 24 hours"
ExpiresByType image/png "access plus 24 hours"
ExpiresByType text/css "now plus 2 hours"
ExpiresByType application/x-javascript "now plus 2 hours"
ExpiresByType application/x-shockwave-flash "now plus 2 hours"
ExpiresDefault "now plus 0 min"
</IfModule>
/
域名跳转功能:
LoadModule rewrite_module modules/mod_rewrite.so
配置参考如下:
1.单一域名跳转
<IfModule mod_rewrite.c>
RewriteEngine on
RewirteCond %{HTTP_HOST} ^www.domain1.com$
RewirteRule ^(.*)$ http://www.domain2.com/$1 [R=301,L]
</IfModule>
2.多域名跳转
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www.domain.com$ [OR]
RewriteCond %{HTTP_HOST} ^www.domain1.com$
RewriteRule ^(.*)$ http://www.domain2.com/$1 [R=301,L]
</IfModule>
3.针对某些目录做域名跳转限定
适用场合:当很多个目录都包含tmp的情况下,逐一书写Directory会很累赘
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_URI} ^.*/tmp/* [NC]
RewriteRule .* - [F]
</IfModule>
4.限制指定user_agent的域名跳转
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^.*Firefox/4.0* [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Tomato Bot/1.0* [NC]
RewriteCond %{REQUEST_URI} !^/404*
RewriteRule .* /404.html
或者
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^*Firefox/4.0* [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^*Tomato Bot/1.0* [NC]
RewriteRule .* - [F]
#以上的的HTTP_HOST、REQUEST_URI是Server-Variables的一个参数,有多个
#服务器变量的引用:%{ NAME_OF_VARIABLE },如上的HTTP_HOST
#了解更多参考文档
/
开启防盗链:
LoadModule setenvif_module modules/mod_setenvif.so
配置参考如下:
SetEnvIFNoCase Referer "^http://www.yourdomain.com" local_ref
SetEnvIFNoCase Referer "www.baidu.com" local_ref
SetEnvIFNoCase Referer "^$" local_ref
#以上均为白名单,除此之外使用防盗链
<filesmatch "\.(txt|doc|mp3|zip|rar|jpg|gif)">
#针对以上格式做防盗链
Order Allow,Deny
Allow from env=local_ref
</filesmatch>
/
配置访问日志:
配置日志格式:、
#在httpd.conf配置文件中可设置访问日志格式
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined #可以作为日志格式
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" aming #这是自定义的格式,和combined common一样均可被使用
...
配置参考如下:
#vhost.conf文件
ErrorLog "|/usr/local/apache/bin/rotatelogs -l /usr/local/apache/logs/yourdomain.com-error _%Y%m%d:log 86400"
SetEnvIF Request_URI ".*.gif$" image-request
SetEnvIF Request_URI ".*\.jpeg$" image-request
SetEnvIF Request_URI ".*\.png$"image-request
SetEnvIF Request_URI ".*\.bmp$"image-request
SetEnvIF Request_URI ".*\.swf$"image-request
SetEnvIF Request_URI ".*\.js$"image-request
SetEnvIF Request_URI ".*\.css"image-request
CustomLog "|/usr/local/apache/bin/rotatelogs -l /usr/local/apache/logs/yourdomain.com-access _%Y%m%d:log 86400 " combined env!=image-request
#以上SetEnv是过滤掉图片等的访问日志
#rotatelogs是日志切割工具
/
访问控制:
<Directory /data/www>
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Directory>
针对请求的url去限制:
<filesmatch"(.*)admin(.*)">
Order deny,allow
Deny from all
Allow from 127.0.0.1
</filesmatch>
某个登陆下禁止解析PHP:
<Directory /data/www/path>
php_admin_flag engine off
<filesmatch "(.*)php">
Order deny,allow
Allow from all
</filesmatch>
</Directory>
/
配置Proxy:
拓展模块安装Proxy:
cd httpd-2.0.59/modules/proxy
/usr/local/apache2/bin/apxs -c -i -a mod_proxy.c mod_proxy_connect.c mod_proxy_http.c proxy_util.c
然后就可以发现modules目录下已经产生了mod_proxy.so了
加载模块:
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
配置参考如下:
反向代理:
ProxyRequests Off
ProxyPass / http://www.test.com/
ProxyPassReverse / http://www.test.com/
正向代理:
<VirtualHost *:80>
DocumentRoot "/data/www"
ServerName www.aaa.com
<Directory "/data/www">
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
ProxyRequests On
ProxyVia On
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
</VirtualHost>