LAMP中apache的配置步骤

# 默认虚拟主机

<VirtualHost *:80>

    DocumentRoot "/tmp/123"## 目录“/tmp/123”需要提前创建,并赋予600的权限

    ServerName 333.com

</VirtualHost>

# Discuz配置

<VirtualHost *:80>

    DocumentRoot "/data/www"

    ServerName www.111.com

    ServerAlias www.222.com

  php_admin_value open_basedir "/data/www/:/tmp/            ## 区分不同虚拟机,限制多个

# Apache访问控制

<Directory "/data/www">

    AllowOverride None

    Options None

    Order allow,deny

    Allow from all

    Deny from 127.0.0.1

</Directory>

# 根据“admin.php”来做个白名单

<filesmatch "(.*)admin(.*)">

    Order deny,allow

    Deny from all

    Allow from 127.0.0.1

</filesmatch>

 ErrorLog "111.com-error_log"

# 不记录指定文件日志

   SetEnvIf Resquest_URI ".*\.gif$" image-request

   SetEnvIf Resquest_URI ".*\.jpg$" image-request

   SetEnvIf Resquest_URI ".*\.png$" image-request

   SetEnvIf Resquest_URI ".*\.bmp$" image-request

   SetEnvIf Resquest_URI ".*\.swf$" image-request

   SetEnvIf Resquest_URI ".*\.js$" image-request

   SetEnvIf Resquest_URI ".*\.css$" image-request

# 日志切割(目录在/usr/local/apache2/logs下)

 CustomLog "|/usr/local/apache2/bin/rotatelogs -l /usr/local/apache2/logs/111.com-access_Y%m%d%_log 86400" combined env=!image-request

# 配置静态缓存

<IfModule mod_expires.c>

   ExpiresActive on

   ExpiresByType image/gif "access plus 1 days"

   ExpiresByType image/jpeg "access plus 24 hours"

   ExpiresByType image/png "access plus 24 hours"

   ExpiresByType test/css "now plus 2 hour"

   ExpiresByType application/x-javascript "now plus 2 hours"

   ExpiresByType application/x-shockwave-flash "now plus 2 hours"

   ExpiresDefault "now plus 0 min"

</IfModule>

# 配置防盗链

   SetEnvIfNoCase Referer "^http://.*\.111\.com" local_ref

   SetEnvIfNoCase Referer ".*\.222\.com" local_ref

<filesmatch "\.(txt|doc|mp3|zip|rar|jpg|gif|png|js|css)">

   Order Allow,Deny

   Allow from env=local_ref

</filesmatch>

# Apache禁止解析php

<Directory /data/www/data>

   php_admin_flag engine off

<filesmatch "(.*)php">

   Order deny,allow

   Deny from all

</filesmatch>

</Directory>

# 域名301跳转

<IfModule mod_rewrite.c>

   RewriteEngine on

   RewriteCond %{HTTP_HOST} ^www.222.com$

   RewriteRule ^/(.*)$ http://www.111.com/$1 [R=301,L]

# 禁止指定user_agent

   RewriteCond %{HTTP_USER_AGENT} ^.*curl.* [NC,OR]

   RewriteCond %{HTTP_USER_AGENT} ^.*chrome* [NC]

   RewriteRule .* - [F]

# 禁止通过浏览器访问某个目录

   RewriteCond %{REQUEST_URI} ^.*/tmp/.* [NC]

   RewriteRule .* - [F]

</IfModule>

# 用户认证

<Directory /data/www/abc/>

   AllowOverride AuthConfig

   AuthName "yonghuming"

   AuthType Basic

   AuthUserFile /data/.htpasswd  ## htpasswd -c /data/.htpasswd user1 这个在配置完别忘了创建

   require valid-user

</Directory>

</VirtualHost>


你可能感兴趣的:(虚拟机,虚拟主机,白名单)