Apache防盗链和隐藏版本信息
实验步骤
[root@promote ~]# hostnamectl set-hostname kgc
[root@promote ~]# su
][root@kgc ~]# iptables -F
[root@kgc ~]# setenforce 0
[root@kgc ~]# yum install bind -y
[root@kgc ~]# vim /etc/named.conf
[root@kgc ~]# vim /etc/named.rfc1912.zones
[root@kgc ~]# cd /var/named/
[root@kgc named]# ls
data dynamic named.ca named.empty named.localhost named.loopback slaves
[root@kgc named]# cp -p named.localhost kgc.com.zone
[root@kgc named]# vim kgc.com.zone
[root@kgc named]# systemctl start named
[root@kgc named]# cd /opt
[root@kgc opt]# rz -E ##把apache的三个包拖进来
rz waiting to receive.
[root@kgc opt]# ls
111 aaa2.sh aaa.sh apr-1.6.2.tar.gz httpd-2.4.29.tar.bz2 ps.txt
aaa1.sh aaa3.sh abc apr-util-1.6.0.tar.gz httpd.conf rh
[root@kgc opt]# tar jxvf httpd-2.4.29.tar.bz2
[root@kgc opt]# tar zxvf apr-1.6.2.tar.gz
[root@kgc opt]# tar zxvf apr-util-1.6.0.tar.gz
[root@kgc opt]# mv apr-1.6.2 httpd-2.4.29/srclib/apr
[root@kgc opt]# mv apr-util-1.6.0 httpd-2.4.29/srclib/apr-util
[root@kgc opt]# cd httpd-2.4.29/
[root@kgc httpd-2.4.29]# yum install gcc gcc-c++ pcre pcre-devel perl expat-devel zlib-devel -y
[root@kgc httpd-2.4.29]# ./configure \
–prefix=/usr/local/httpd
–enable-deflate
–enable-so
–enable-rewrite
–enable-charset-lite
–enable-cgi
[root@kgc httpd-2.4.29]# make && make install
[root@kgc httpd-2.4.29]# ln -s /usr/local/httpd/conf/httpd.conf /etc/
[root@kgc httpd-2.4.29]# cd /usr/local/httpd/htdocs/
[root@kgc htdocs]# ls
index.html
[root@kgc htdocs]# rz -E ##把图片拖进来
rz waiting to receive.
[root@kgc htdocs]# ls
error.jpg index.html timg.png
[root@kgc htdocs]# vim index.html
[root@kgc htdocs]# vim /etc/httpd.conf
[root@kgc htdocs]# cd …
[root@kgc httpd]# ls
bin build cgi-bin conf error htdocs icons include logs man manual modules
[root@kgc httpd]# cd bin/
[root@kgc bin]# ./apachectl start ##启动服务
可以访问了
接下来要在另一个上面做盗链网站
[root@promote ~]# iptables -F
[root@promote ~]# setenforce 0
[root@promote ~]# yum install httpd -y
[root@promote ~]# vim /etc/httpd/conf/httpd.conf
[root@promote ~]# cd /var/www/html/
[root@promote html]# ls
[root@promote html]# vim index.html
[root@promote html]# echo “nameserver 192.168.169.200” > /etc/resolv.conf
[root@promote html]# systemctl start httpd
[root@promote html]# netstat -natp | grep httpd
tcp 0 0 192.168.169.100:80 0.0.0.0:* LISTEN 10579/httpd
接下来是防盗链
[root@kgc bin]# vim /etc/httpd.conf
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://kgc.com/.$ [NC]
RewriteCond %{HTTP_REFERER} !^http://kgc.com$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.kgc.com/.$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.kgc.com/$ [NC]
RewriteRule .*.(gif|jpg|swf)$ http://www.kgc.com/error.png
[root@kgc bin]# ./apachectl stop
[root@kgc bin]# ./apachectl start
-------------接下来设置隐藏版本信息-----------------------------------------
[root@kgc ~]# vim /etc/httpd.conf
[root@kgc ~]# cd /usr/local/httpd/conf/extra/
[root@kgc extra]# vim httpd-default.conf
[root@kgc bin]# cd /usr/local/httpd/bin/
[root@kgc bin]# ./apachectl stop
[root@kgc bin]# ./apachectl start