LAMP中的httpd配置

1、默认虚拟主机
vim /usr/local/apache2/conf/httpd.conf
搜索httpd-vhost，把这行#号删除
保存主配置文件，然后编辑虚拟主机
vim /usr/local/apache2/conf/extra/httpd-vhosts.conf
虚拟主机配置如下

    ServerAdmin [email protected]
    DocumentRoot "/data/wwwroot/aming.com" 
    ServerName aming.com
    ServerAlias www.aming.com
    ErrorLog "logs/aming.com-error_log"
    CustomLog "logs/aming.com-access_log" common



    DocumentRoot "/data/wwwroot/www.123.com"
    ServerName www.123.com

创建虚拟主机站点的根目录mkdir -p /data/www.root/aming.com
echo “aming.com” > /data/wwwroot/aming.com/index.html (网站默认的主页就是index.html)
/usr/local/apache2/bin/apachectl -t
/usr/local/apache2/bin/apachectl graceful
curl -x127.0.0.0:80 aming.com
2.用户认证

vim /usr/local/apache2/conf/extra/httpd-vhosts.conf

<VirtualHost *:80>
    DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
<Directory /data/wwwroot/www.123.com> //指定认证的目录
    AllowOverride AuthConfig //这个相当于打开认证的开关
    AuthName "123.com user auth" //自定义认证的名字，作用不大
    AuthType Basic //认证的类型，一般为Basic，其他类型阿铭没用过
    AuthUserFile /data/.htpasswd  //指定密码文件所在位置
require valid-user //指定需要认证的用户为全部可用用户
</Directory>
</VirtualHost>

httpd的配置文件完成，接下来创建密码
/usr/local/apache2/bin/htpasswd -cm /data/.httpdwd aming
htpasswd为创建用户的工具，-c为creat（创建），-m是指密码加密方式MD5
/data/.htpasswd为密码文件，第一次需要加-c，第二次就不需要加-c了，否则/data/.htpasswd会被重置，用户会被清空。
/usr/local/apache2/bin/apachectl -t
/usr/local/apache2/bin/apachectl graceful
可以对一个目录或者单独的文件用户认证。
3.域名跳转

80>
    DocumentRoot "/data/wwwroot/www.123.com"
    ServerName www.123.com
    ServerAlias 123.com
     //需要mod_rewrite模块支持
        RewriteEngine on  //打开rewrite功能
        RewriteCond %{HTTP_HOST} !^www.123.com$  //定义rewrite的条件，主机名（域名）不是www.123.com满足条件
        RewriteRule ^/(.*)$ http://www.123.com/$1 [R=301,L] //定义rewrite规则，当满足上面的条件时，这条规则才会执行
    

/usr/local/apache2/bin/apachectl -M |grep -i rewrite看有没有rewrite模块，若没有，
vim /usr/local/apache2/conf/httpd.conf
搜索rewrite，删除#
/usr/local/apache2/bin/apachectl -t
/usr/local/apache2/bin/apachectl graceful
/usr/local/apache2/bin/apachectl -M |grep -i rewrite 在加载一次
测试：curl -x127.0.0.0：80 -I 123.com

4.配置访问日志
vim /usr/local/apache2/conf/httpd.conf 搜索LogFormat
使用第一个比较齐全。
CustomLog “logs/123.com-access_log” combined
/usr/local/apache2/bin/apachectl -t
/usr/local/apache2/bin/apachectl graceful
curl -x127.0.0.0：80 -I 123.com 查看日志

    DocumentRoot "/data/wwwroot/www.123.com"
    ServerName www.123.com
    ServerAlias 123.com
    
        RewriteEngine on
        RewriteCond %{HTTP_HOST} !^www.123.com$
        RewriteRule ^/(.*)$ http://www.123.com/$1 [R=301,L]
    
    SetEnvIf Request_URI ".*\.gif$" image-request
    SetEnvIf Request_URI ".*\.jpg$" image-request
    SetEnvIf Request_URI ".*\.png$" image-request
    SetEnvIf Request_URI ".*\.bmp$" image-request
    SetEnvIf Request_URI ".*\.swf$" image-request
    SetEnvIf Request_URI ".*\.js$" image-request
    SetEnvIf Request_URI ".*\.css$" image-request
    CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/123.com-access_%Y%m%d.log 86400" combined env=!image-request

先定义一个image-request环境变量，把图片类信息归类到image-request，env=!image-request把以外的类型的文件记录到日志中。rotatelogs 为httpd自带的切割日志工具。
5、配置静态元素过期时间
静态文件缓存在用户电脑上的时间

    DocumentRoot "/data/wwwroot/www.123.com"
    ServerName www.123.com
    ServerAlias 123.com
    
        RewriteEngine on
        RewriteCond %{HTTP_HOST} !^www.123.com$
        RewriteRule ^/(.*)$ http://www.123.com/$1 [R=301,L]
    
    SetEnvIf Request_URI ".*\.gif$" image-request
    SetEnvIf Request_URI ".*\.jpg$" image-request
    SetEnvIf Request_URI ".*\.png$" image-request
    SetEnvIf Request_URI ".*\.bmp$" image-request
    SetEnvIf Request_URI ".*\.swf$" image-request
    SetEnvIf Request_URI ".*\.js$" image-request
    SetEnvIf Request_URI ".*\.css$" image-request
CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/123.com-access_%Y%m%d.log 86400" combined env=!image-request

    ExpiresActive on  //打开该功能的开关
    ExpiresByType image/gif  "access plus 1 days"
    ExpiresByType image/jpeg "access plus 24 hours"
    ExpiresByType image/png "access plus 24 hours"
    ExpiresByType text/css "now plus 2 hour"
    ExpiresByType application/x-javascript "now plus 2 hours"
    ExpiresByType application/javascript "now plus 2 hours"
    ExpiresByType application/x-shockwave-flash "now plus 2 hours"
    ExpiresDefault "now plus 0 min"

用到mod_expires.c模块
/usr/local/apache2/bin/apachectl -t
/usr/local/apache2/bin/apachectl graceful
检查httpd是否加载了expires模块，若没有参照：2域名跳转
测试 curl -x127.0.0.0：80 -I 123.com
6.配置防盗链
防盗链，通俗讲就是不让别人盗用你网站上的资源。

    DocumentRoot "/data/wwwroot/www.123.com"
    ServerName www.123.com
    ServerAlias 123.com
    CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/123.com-access_%Y%m%d.log 86400" combined
    
        SetEnvIfNoCase Referer "http://www.123.com" local_ref
        SetEnvIfNoCase Referer "http://123.com" local_ref
        SetEnvIfNoCase Referer "^$" local_ref
        
            Order Allow,Deny
            Allow from env=local_ref
        
    

/usr/local/apache2/bin/apachectl -t
/usr/local/apache2/bin/apachectl graceful
测试：curl -x127.0.0.0：80 -e “http://www.1234.com/1.txt” http://www.123.com/aming.jpg -I
-e来定义referer，一定要以http://开头
7、访问控制

    DocumentRoot "/data/wwwroot/www.123.com"
    ServerName www.123.com
    ServerAlias 123.com
    CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/123.com-access_%Y%m%d.log 86400" combined
    
        Order deny,allow
        Deny from all
        Allow from 127.0.0.1
    



##针对某个文件

    
        Order deny,allow
        Deny from all
        Allow from 127.0.0.1
    


##禁止php解析

    DocumentRoot "/data/wwwroot/www.123.com"
    ServerName www.123.com
    ServerAlias 123.com
    CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/123.com-access_%Y%m%d.log 86400" combined
    
        php_admin_flag engine off
    


##针对user_agent

    DocumentRoot "/data/wwwroot/www.123.com"
    ServerName www.123.com
    ServerAlias 123.com
    CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/123.com-access_%Y%m%d.log 86400" combined
    
        RewriteEngine on
        RewriteCond %{HTTP_USER_AGENT}  .*curl.* [NC,OR]
        RewriteCond %{HTTP_USER_AGENT}  .*baidu.com.* [NC]
        RewriteRule  .*  -  [F]
    

user_agent为浏览器标识，