apache下的原文件:
# This is the main Apache server configuration file. It contains the
# configuration directives that give the server its instructions.
# See http://httpd.apache.org/docs/2.4/ for detailed information about
# the directives and /usr/share/doc/apache2/README.Debian about Debian specific
# hints.
#
#
# Summary of how the Apache 2 configuration works in Debian:
# The Apache 2 web server configuration in Debian is quite different to
# upstream's suggested way to configure the web server. This is because Debian's
# default Apache2 installation attempts to make adding and removing modules,
# virtual hosts, and extra configuration directives as flexible as possible, in
# order to make automating the changes and administering the server as easy as
# possible.
# It is split into several files forming the configuration hierarchy outlined
# below, all located in the /etc/apache2/ directory:
#
# /etc/apache2/
# |-- apache2.conf
# | `-- ports.conf
# |-- mods-enabled
# | |-- *.load
# | `-- *.conf
# |-- conf-enabled
# | `-- *.conf
# `-- sites-enabled
# `-- *.conf
#
#
# * apache2.conf is the main configuration file (this file). It puts the pieces
# together by including all remaining configuration files when starting up the
# web server.
#
# * ports.conf is always included from the main configuration file. It is
# supposed to determine listening ports for incoming connections which can be
# customized anytime.
#
# * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/
# directories contain particular configuration snippets which manage modules,
# global configuration fragments, or virtual host configurations,
# respectively.
#
# They are activated by symlinking available configuration files from their
# respective *-available/ counterparts. These should be managed by using our
# helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See
# their respective man pages for detailed information.
#
# * The binary is called apache2. Due to the use of environment variables, in
# the default configuration, apache2 needs to be started/stopped with
# /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not
# work with the default configuration.
# Global configuration
#
#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE! If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the Mutex documentation (available
# at <URL:http://httpd.apache.org/docs/2.4/mod/core.html#mutex>);
# you will save yourself a lot of trouble.
#
# Do NOT add a slash at the end of the directory path.
#
#ServerRoot "/etc/apache2"
#
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#
#Mutex file:${APACHE_LOCK_DIR} default
#
# The directory where shm and other runtime files will be stored.
#
DefaultRuntimeDir ${APACHE_RUN_DIR}
#
# PidFile: The file in which the server should record its process
# identification number when it starts.
# This needs to be set in /etc/apache2/envvars
#
PidFile ${APACHE_PID_FILE}
#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300
#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On
#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100
#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 5
# These need to be set in /etc/apache2/envvars
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog ${APACHE_LOG_DIR}/error.log
#
# LogLevel: Control the severity of messages logged to the error_log.
# Available values: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the log level for particular modules, e.g.
# "LogLevel info ssl:warn"
#
LogLevel warn
# Include module configuration:
IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf
# Include list of ports to listen on
Include ports.conf
# Sets the default security model of the Apache2 HTTPD server. It does
# not allow access to the root filesystem outside of /usr/share and /var/www.
# The former is used by web applications packaged in Debian,
# the latter may be used for local directories served by the web server. If
# your system is serving content from a sub-directory in /srv you must allow
# access here, or in any related virtual host.
<Directory />
AllowOverride All
Order deny,allow
Require all granted
</Directory>
<Directory /usr/share>
Options FollowSymLinks
AllowOverride All
Order deny,allow
Require all granted
</Directory>
<Directory /var/www/>
AllowOverride All
Order deny,allow
Require all granted
</Directory>
#<Directory /srv/>
# Options Indexes FollowSymLinks
# AllowOverride None
# Require all granted
#</Directory>
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
#
AccessFileName .htaccess
#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<FilesMatch "^\.ht">
Require all denied
</FilesMatch>
#
# The following directives define some format nicknames for use with
# a CustomLog directive.
#
# These deviate from the Common Log Format definitions in that they use %O
# (the actual bytes sent including headers) instead of %b (the size of the
# requested file), because the latter makes it impossible to detect partial
# requests.
#
# Note that the use of %{X-Forwarded-For}i instead of %h is not recommended.
# Use mod_remoteip instead.
#
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
# Include of directories ignores editors' and dpkg's backup files,
# see README.Debian for details.
# Include generic snippets of statements
IncludeOptional conf-enabled/*.conf
# Include the virtual host configurations:
IncludeOptional sites-enabled/*.conf
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
这篇文章主要讲解几个常见问题:
如何打开目录
如何开启日志
如何限制ip
常用apache配置目录
一、常用的apache配置目录显示
Linux下Apache目录明细
默认目录是/var/www/html下。修改方法:
打开/etc/apache2/apache2.conf文件,找到下面这行
DocumentRoot "/var/www/html"
可以改成你想要的目录。
-----------------------------------------------------------
apache的默认重要配置信息如下:
配置文件:/etc/apache2/apache2.conf
服务器的根目录:/var/www/html
访问日志文件:/var/log/apache2/access_log
错误日志文件:/var/log/apache2/error_log
运行apache的用户:apache
运行apache的组:apache端口:80模块存放路径:/usr/lib/apache2/modules
二、打开apache目录
window下非常简单,在phpstudy下
phpstudy常规设置->显示目录即可
linux下则是:
Options FollowSymLinks 去掉就可以显示目录
<VirtualHost *:80>
DocumentRoot E:\wamp\www
ServerName www.local.com
ErrorLog "logs/local-error.log"
CustomLog "logs/local-access.log" common
<Directory E:\wamp\www>
Options FollowSymLinks
AllowOverride All
Order deny,allow
allow from all
</Directory>
</VirtualHost>
自定义索引(目录浏览)样式
上一步的 IndexOptions 选项可以自定义索引(目录浏览)样式,如下:
FancyIndexing 开启目录浏览修饰
HTMLTable 此选择与FancyIndexing一起构建一个简单的表来进行目录浏览修饰。
ScanHTMLTitles 搜索HTML标题
FoldersFirst 目录优先排在前面
NameWidth=85 表示文件名可以最多显示85个英文字符
DescriptionWidth=128 表示描述可以显示的字符数
IconWidth=16 Icon的宽度(像素)
IconHeight=16 Icon的高度(像素)
VersionSort 版本排序,如果没有此项,将按照拼音顺序排序
Charset=UTF-8 字符集
禁止显示Apache目录列表-Indexes FollowSymLinks
如何修改目录的配置以禁止显示 Apache 目录列表。
缺省情况下如果你在浏览器输入地址:
http://localhost:8080/
如果你的文件根目录里有 index.html,浏览器就会显示 index.html的内容,如果没有 index.html,浏览器就会显示文件根目录的目录列表,目录列表包括文件根目录下的文件和子目录。
同样你输入一个虚拟目录的地址:
http://localhost:8080/b/
如果该虚拟目录下没有 index.html,浏览器也会显示该虚拟目录的目录结构,列出该虚拟目录下的文件和子目录。
如何禁止 Apache 显示目录列表呢?
要禁止 Apache 显示目录结构列表,只需将 Option 中的 Indexes 去掉即可。
比如我们看看一个目录的目录配置:
<Directory "D:/Apa/blabla">
Options Indexes FollowSymLinks #---------->Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
你只需要将上面代码中的 Indexes 去掉,就可以禁止 Apache 显示该目录结构。用户就不会看到该目录下的文件和子目录列表了。
Indexes 的作用就是当该目录下没有 index.html 文件时,就显示目录结构,去掉 Indexes,Apache 就不会显示该目录的列表了。
第二种方法
解决办法:
1、编辑httpd.conf文件
vi ./conf/httpd.conf
找到如下内容:
?BR> <Directory “C:/Program Files/Apache2.2/htdocs”>
#
# Possible values for the Options directive are “None”, “All”,
# or any combination of:
Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that “MultiViews” must be named *explicitly* — “Options All”
# doesn’t give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.2/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be “All”, “None”, or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None
#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
</Directory>
……
在Options Indexes FollowSymLinks在Indexes前面加上 – 符号。
即: Options -Indexes FollowSymLinks
【备注:在Indexes前,加 + 代表允许目录浏览;加 – 代表禁止目录浏览。】
这样的话就属于整个Apache禁止目录浏览了。
如果是在虚拟主机中,只要增加如下信息就行:
<Directory “D:test”>
Options -Indexes FollowSymLinks
AllowOverride None
Order deny,allow
Allow from all
</Directory>
这样的话就禁止在test工程下进行目录浏览。
备注: 切记莫把“Allow from all”改成 “Deny from all”,否则,整个网站都不能被打开。
<Finished>
还有一种方法:
可以在根目录的 .htaccess 文件中输入
<Files *>
Options -Indexes
</Files>
就可以阻止Apache 将目录结构列表出来。
三、开启日记记录
window下:
在E:\Website\PHPstudy\PHPTutorial\Apache\conf\httpd.conf下把注释去掉就行
linux:是自动开启的
四、限制ip
1.Allow指令
Allow
指令的作用与其英文单词的含义一致,用于设置允许访问当前目录(及其子目录)或文件的用户范围。例如,Allow from all
表示允许所有用户访问。下面,我们参考更多的例子,以帮助理解(Deny
与Order
用法一致):
<Directory /web>
#只允许IP为123.10.10.2的用户访问/web目录
Allow from 123.10.10.2
</Directory>
<Directory /web>
#只允许IP以10.10开头的用户访问/web目录
Allow from 10.10
</Directory>
<Directory /web>
#只允许域名为365mini.com的用户访问
Allow from 365mini.com
</Directory>
2.Deny指令
同样的,Deny
指令的作用就是「Deny(拒绝)」,用于设置拒绝访问当前目录或文件的用户范围。例如,Deny from all
表示拒绝所有用户访问。
3.Order指令
在Apache的配置文件中,Order
指令用于控制Allow
指令和Deny
指令的生效顺序。例如,Order Allow,Deny
表示当前配置段中的Allow
指令先生效,Deny
指令后生效。
在Apache中,Allow
指令和Deny
指令在同一配置段中都可以有多条。不过,对于Allow
和Deny
指令而言,如果先生效的指令与后生效的指令的作用范围存在冲突,则起冲突的作用范围部分以后生效的指令为准。
下面,我们同样参考几个具体的例子以帮助大家理解:
<Directory /web> Order Allow,Deny Allow from all Deny from 112.2.10.2 #先允许所有用户访问,再拒绝112.2.10.2 #总结:允许除IP为112.2.10.2外的所有用户访问 </Directory>
<Directory /web> Order Allow,Deny Deny from 112.2.10.2 Allow from all #先允许所有用户访问,再拒绝112.2.10.2 #总结:允许除IP为112.2.10.2外的所有用户访问 #(即使Deny指令在Allow指令之前,但是根据Order Allow,Deny语句,仍然先看Allow,再看Deny) </Directory>
<Directory /web> Order Deny,Allow Deny from 112.2.10.2 Allow from all Deny from 123.10.10.1 #先拒绝112.2.10.2访问 #再拒绝123.10.10.1访问 #最后允许所有用户访问 #总结:允许所有用户访问 #(即使Allow指令在Deny指令前,但是根据Order Deny,Allow语句,仍然先看Deny,再看Allow) </Directory>
最后提示:
有时候无法登陆或许是权限的原因
chmod 777 -R /var/www
u 代表所有者(user)
g 代表所有者所在的组群(group)
o 代表其他人,但不是u和g (other)
a 代表全部的人,也就是包括u,g和o
r 表示文件可以被读(read)
w 表示文件可以被写(write)
x 表示文件可以被执行(如果它是程序的话)
其中:rwx也可以用数字来代替
r ————4
w ———–2
x ————1
- ————0
行动:
” “表示添加权限
- 表示删除权限
= 表示使之成为唯一的权限
当大家都明白了上面的东西之后,那么我们常见的以下的一些权限就很容易都明白了:
-rw——- (600) 只有所有者才有读和写的权限
-rw-r–r– (644) 只有所有者才有读和写的权限,组群和其他人只有读的权限
-rwx—— (700) 只有所有者才有读,写,执行的权限
-rwxr-xr-x (755) 只有所有者才有读,写,执行的权限,组群和其他人只有读和执行的权限
-rwx–x–x (711) 只有所有者才有读,写,执行的权限,组群和其他人只有执行的权限
-rw-rw-rw- (666) 每个人都有读写的权限
-rwxrwxrwx (777) 每个人都有读写和执行的权限