1、默认虚拟主机
vim /usr/local/apache2/conf/httpd.conf
搜索httpd-vhost,把这行#号删除
保存主配置文件,然后编辑虚拟主机
vim /usr/local/apache2/conf/extra/httpd-vhosts.conf
虚拟主机配置如下
ServerAdmin [email protected]
DocumentRoot "/data/wwwroot/aming.com"
ServerName aming.com
ServerAlias www.aming.com
ErrorLog "logs/aming.com-error_log"
CustomLog "logs/aming.com-access_log" common
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
创建虚拟主机站点的根目录mkdir -p /data/www.root/aming.com
echo “aming.com” > /data/wwwroot/aming.com/index.html (网站默认的主页就是index.html)
/usr/local/apache2/bin/apachectl -t
/usr/local/apache2/bin/apachectl graceful
curl -x127.0.0.0:80 aming.com
2.用户认证
vim /usr/local/apache2/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
<Directory /data/wwwroot/www.123.com> //指定认证的目录
AllowOverride AuthConfig //这个相当于打开认证的开关
AuthName "123.com user auth" //自定义认证的名字,作用不大
AuthType Basic //认证的类型,一般为Basic,其他类型阿铭没用过
AuthUserFile /data/.htpasswd //指定密码文件所在位置
require valid-user //指定需要认证的用户为全部可用用户
</Directory>
</VirtualHost>
httpd的配置文件完成,接下来创建密码
/usr/local/apache2/bin/htpasswd -cm /data/.httpdwd aming
htpasswd为创建用户的工具,-c为creat(创建),-m是指密码加密方式MD5
/data/.htpasswd为密码文件,第一次需要加-c,第二次就不需要加-c了,否则/data/.htpasswd会被重置,用户会被清空。
/usr/local/apache2/bin/apachectl -t
/usr/local/apache2/bin/apachectl graceful
可以对一个目录或者单独的文件用户认证。
3.域名跳转
80>
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
ServerAlias 123.com
//需要mod_rewrite模块支持
RewriteEngine on //打开rewrite功能
RewriteCond %{HTTP_HOST} !^www.123.com$ //定义rewrite的条件,主机名(域名)不是www.123.com满足条件
RewriteRule ^/(.*)$ http://www.123.com/$1 [R=301,L] //定义rewrite规则,当满足上面的条件时,这条规则才会执行
/usr/local/apache2/bin/apachectl -M |grep -i rewrite看有没有rewrite模块,若没有,
vim /usr/local/apache2/conf/httpd.conf
搜索rewrite,删除#
/usr/local/apache2/bin/apachectl -t
/usr/local/apache2/bin/apachectl graceful
/usr/local/apache2/bin/apachectl -M |grep -i rewrite 在加载一次
测试:curl -x127.0.0.0:80 -I 123.com
4.配置访问日志
vim /usr/local/apache2/conf/httpd.conf 搜索LogFormat
使用第一个比较齐全。
CustomLog “logs/123.com-access_log” combined
/usr/local/apache2/bin/apachectl -t
/usr/local/apache2/bin/apachectl graceful
curl -x127.0.0.0:80 -I 123.com 查看日志
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
ServerAlias 123.com
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www.123.com$
RewriteRule ^/(.*)$ http://www.123.com/$1 [R=301,L]
SetEnvIf Request_URI ".*\.gif$" image-request
SetEnvIf Request_URI ".*\.jpg$" image-request
SetEnvIf Request_URI ".*\.png$" image-request
SetEnvIf Request_URI ".*\.bmp$" image-request
SetEnvIf Request_URI ".*\.swf$" image-request
SetEnvIf Request_URI ".*\.js$" image-request
SetEnvIf Request_URI ".*\.css$" image-request
CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/123.com-access_%Y%m%d.log 86400" combined env=!image-request
先定义一个image-request环境变量,把图片类信息归类到image-request,env=!image-request把以外的类型的文件记录到日志中。rotatelogs 为httpd自带的切割日志工具。
5、配置静态元素过期时间
静态文件缓存在用户电脑上的时间
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
ServerAlias 123.com
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www.123.com$
RewriteRule ^/(.*)$ http://www.123.com/$1 [R=301,L]
SetEnvIf Request_URI ".*\.gif$" image-request
SetEnvIf Request_URI ".*\.jpg$" image-request
SetEnvIf Request_URI ".*\.png$" image-request
SetEnvIf Request_URI ".*\.bmp$" image-request
SetEnvIf Request_URI ".*\.swf$" image-request
SetEnvIf Request_URI ".*\.js$" image-request
SetEnvIf Request_URI ".*\.css$" image-request
CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/123.com-access_%Y%m%d.log 86400" combined env=!image-request
ExpiresActive on //打开该功能的开关
ExpiresByType image/gif "access plus 1 days"
ExpiresByType image/jpeg "access plus 24 hours"
ExpiresByType image/png "access plus 24 hours"
ExpiresByType text/css "now plus 2 hour"
ExpiresByType application/x-javascript "now plus 2 hours"
ExpiresByType application/javascript "now plus 2 hours"
ExpiresByType application/x-shockwave-flash "now plus 2 hours"
ExpiresDefault "now plus 0 min"
用到mod_expires.c模块
/usr/local/apache2/bin/apachectl -t
/usr/local/apache2/bin/apachectl graceful
检查httpd是否加载了expires模块,若没有参照:2域名跳转
测试 curl -x127.0.0.0:80 -I 123.com
6.配置防盗链
防盗链,通俗讲就是不让别人盗用你网站上的资源。
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
ServerAlias 123.com
CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/123.com-access_%Y%m%d.log 86400" combined
SetEnvIfNoCase Referer "http://www.123.com" local_ref
SetEnvIfNoCase Referer "http://123.com" local_ref
SetEnvIfNoCase Referer "^$" local_ref
Order Allow,Deny
Allow from env=local_ref
/usr/local/apache2/bin/apachectl -t
/usr/local/apache2/bin/apachectl graceful
测试:curl -x127.0.0.0:80 -e “http://www.1234.com/1.txt” http://www.123.com/aming.jpg -I
-e来定义referer,一定要以http://开头
7、访问控制
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
ServerAlias 123.com
CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/123.com-access_%Y%m%d.log 86400" combined
Order deny,allow
Deny from all
Allow from 127.0.0.1
##针对某个文件
Order deny,allow
Deny from all
Allow from 127.0.0.1
##禁止php解析
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
ServerAlias 123.com
CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/123.com-access_%Y%m%d.log 86400" combined
php_admin_flag engine off
##针对user_agent
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
ServerAlias 123.com
CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/123.com-access_%Y%m%d.log 86400" combined
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} .*curl.* [NC,OR]
RewriteCond %{HTTP_USER_AGENT} .*baidu.com.* [NC]
RewriteRule .* - [F]
user_agent为浏览器标识,