I. Configuring virtual hosts
Two options that must be enabled in httpd.conf (CentOS 6.9). httpd does not accept a trailing # comment on a directive line, so the comments go on their own lines:
# Load the module (enabled by default)
LoadModule vhost_alias_module modules/mod_vhost_alias.so
# Enable NameVirtualHost (disabled by default)
NameVirtualHost *:80
1. IP-based
- Assign a second IP address to eth0
[root@redwand conf]# ifconfig eth0:1 10.10.10.171
[root@redwand conf]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:4B:6A:08
inet addr:10.10.10.170 Bcast:10.10.10.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe4b:6a08/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:30102 errors:0 dropped:0 overruns:0 frame:0
TX packets:18450 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:27636739 (26.3 MiB) TX bytes:2391524 (2.2 MiB)
eth0:1 Link encap:Ethernet HWaddr 00:0C:29:4B:6A:08
inet addr:10.10.10.171 Bcast:10.255.255.255 Mask:255.0.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
- httpd.conf
# vhost170
<VirtualHost 10.10.10.170:80>
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot /var/www/html
ServerName www.mytest.com
ErrorLog logs/mytest.com-error_log
CustomLog logs/mytest.com-access_log common
</VirtualHost>
# vhost171
<VirtualHost 10.10.10.171:80>
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot /var/www/html/test/upload-labs
ServerName www.upload-labs.com
ErrorLog logs/upload.com-error_log
CustomLog logs/upload.com-access_log common
</VirtualHost>
- Client-side /etc/hosts
10.10.10.170 www.mytest.com
10.10.10.171 www.upload-labs.com
2. Name-based
- httpd.conf
<VirtualHost *:80>
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot /var/www/html/test/upload-labs
ServerName www.upload-labs.com
ErrorLog logs/upload-labs.com-error_log
CustomLog logs/upload-labs.com-access_log common
</VirtualHost>
<VirtualHost *:80>
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot /var/www/html
ServerName www.mytest.com
ErrorLog logs/mytest.com-error_log
CustomLog logs/mytest.com-access_log common
</VirtualHost>
3. Port-based
- httpd.conf
Listen 80
Listen 81
<VirtualHost *:80>
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot /var/www/html/test/upload-labs
ServerName www.mytest.com
ErrorLog logs/upload-labs.com-error_log
CustomLog logs/upload-labs.com-access_log common
</VirtualHost>
<VirtualHost *:81>
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot /var/www/html
ServerName www.mytest.com
ErrorLog logs/mytest.com-error_log
CustomLog logs/mytest.com-access_log common
</VirtualHost>
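As an added example (not code from the original notes), the following model shows how Apache 2.2 picks a <VirtualHost> for a request under each of the three configurations above. It assumes a simplified version of the httpd matching rules: the connection's local IP:port is matched against each VirtualHost address (an exact address beats "*"); when several vhosts share the winning address, the Host header is compared with ServerName; if none matches, the first vhost defined for that address is the default and serves the request. The request values fed in are constructed for the example.

```python
"""Model of Apache 2.2 VirtualHost selection (added example, assumed
simplification of the httpd vhost matching rules; not httpd's own code)."""
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class VHost:
    address: str        # "10.10.10.170" or "*"
    port: int
    server_name: str
    document_root: str


# The three configurations from the notes, one list per approach.
IP_BASED = [
    VHost("10.10.10.170", 80, "www.mytest.com", "/var/www/html"),
    VHost("10.10.10.171", 80, "www.upload-labs.com", "/var/www/html/test/upload-labs"),
]
NAME_BASED = [
    VHost("*", 80, "www.upload-labs.com", "/var/www/html/test/upload-labs"),
    VHost("*", 80, "www.mytest.com", "/var/www/html"),
]
PORT_BASED = [
    VHost("*", 80, "www.mytest.com", "/var/www/html/test/upload-labs"),
    VHost("*", 81, "www.mytest.com", "/var/www/html"),
]


def select_vhost(vhosts: List[VHost], local_ip: str, local_port: int,
                 host_header: Optional[str]) -> Optional[VHost]:
    """Return the vhost that would serve the request, or None when no
    VirtualHost covers that address (httpd then falls back to the main server)."""
    same_port = [v for v in vhosts if v.port == local_port]
    exact = [v for v in same_port if v.address == local_ip]
    wildcard = [v for v in same_port if v.address == "*"]
    candidates = exact or wildcard          # an exact address wins over "*"
    if not candidates:
        return None
    # The Host header may carry a port ("www.mytest.com:80");
    # ServerName comparison is case-insensitive.
    host = (host_header or "").split(":", 1)[0].strip().lower()
    for v in candidates:
        if v.server_name.lower() == host:
            return v
    # No ServerName matched: the first vhost listed for this address is the
    # default and serves the request, whatever the Host header says.
    return candidates[0]


if __name__ == "__main__":
    # Constructed requests: local IP/port the client connected to, plus Host header.
    for cfg_name, cfg, ip, port, host in [
        ("ip-based", IP_BASED, "10.10.10.171", 80, "www.mytest.com"),
        ("name-based", NAME_BASED, "10.10.10.170", 80, "www.mytest.com"),
        ("name-based", NAME_BASED, "10.10.10.170", 80, "unknown.example"),
        ("port-based", PORT_BASED, "10.10.10.170", 81, "www.mytest.com"),
    ]:
        chosen = select_vhost(cfg, ip, port, host)
        print(f"{cfg_name}: {ip}:{port} Host={host} -> {chosen.document_root}")
```

Two behaviours worth noticing: in the IP-based setup the Host header is ignored, because only one vhost is bound to 10.10.10.171:80; in the name-based setup a request with a Host header that matches no ServerName (or no Host header at all) lands on the first vhost in the file. For that reason the first name-based vhost should be a deliberate catch-all rather than an application you did not mean to expose to arbitrary Host values.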
II. Directory access control
1. Default options for an ordinary directory
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
(1) Options
Indexes: allows directory indexing. When it is enabled and the directory has no index file, the server returns a directory listing ("Index of ..."), i.e. the directory-browsing weakness.
FollowSymLinks: whether a symbolic link under the web root may be followed to the directory it points to.
[root@redwand ~]# mkdir /web
[root@redwand ~]# echo "This is web" > /web/index.html
[root@redwand ~]# ln -s /web /var/www/html
[root@redwand ~]# ll /var/www/html/web
lrwxrwxrwx 1 root root 4 1月 5 00:26 /var/www/html/web -> /web
With -FollowSymLinks configured:
Forbidden
You don’t have permission to access /web/ on this server.
With FollowSymLinks configured:
This is web
(2) Order allow,deny: whichever directive is listed later in the Order takes precedence
Order allow,deny
Allow from 192.168.0.0/24
# the Deny is what takes effect
Deny from 192.168.0.0/24
Order deny,allow
# the Allow is what takes effect
Allow from 192.168.0.0/24
Deny from 192.168.0.0/24
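As an added example (not from the original notes), here is an evaluator for the Apache 2.2 mod_authz_host rules, run over the two Order blocks above. It implements the documented semantics: with "Order allow,deny" every Allow directive is evaluated first and then every Deny, a client is admitted only if it matches an Allow and no Deny, and the default is deny; with "Order deny,allow" every Deny is evaluated first and then every Allow, a client is refused only if it matches a Deny and no Allow, and the default is allow. It is assumed here that only "all", single addresses and CIDR/netmask networks appear in the rules; the hostname and partial-IP forms httpd also accepts are not handled.

```python
"""Evaluator for Apache 2.2 'Order' / 'Allow from' / 'Deny from' rules
(added example; not httpd's own code, handles IP/CIDR/netmask/'all' only)."""
import ipaddress
from typing import List, Tuple


def parse_access_rules(directory_block: str) -> Tuple[str, List[str], List[str]]:
    """Extract (order, allow_list, deny_list) from the lines of a <Directory> block."""
    order, allow, deny = "deny,allow", [], []     # httpd's default Order is Deny,Allow
    for raw in directory_block.splitlines():
        line = raw.split("#", 1)[0].strip()       # drop comment-only and blank lines
        if not line:
            continue
        parts = line.split()
        key = parts[0].lower()
        if key == "order" and len(parts) == 2:
            order = parts[1].lower()
        elif key in ("allow", "deny") and len(parts) >= 3 and parts[1].lower() == "from":
            (allow if key == "allow" else deny).extend(p.lower() for p in parts[2:])
    return order, allow, deny


def _matches(client_ip: str, patterns: List[str]) -> bool:
    ip = ipaddress.ip_address(client_ip)
    for pattern in patterns:
        if pattern == "all":
            return True
        # strict=False tolerates host bits; ip_network also accepts "a.b.c.d/255.255.255.0"
        if ip in ipaddress.ip_network(pattern, strict=False):
            return True
    return False


def is_allowed(order: str, allow: List[str], deny: List[str], client_ip: str) -> bool:
    allowed = _matches(client_ip, allow)
    denied = _matches(client_ip, deny)
    if order == "allow,deny":
        return allowed and not denied          # Deny wins a tie; default deny
    if order == "deny,allow":
        return allowed or not denied           # Allow wins a tie; default allow
    raise ValueError(f"unsupported Order value: {order}")


# The two blocks from the notes; 192.168.0.10 is a constructed client address.
ALLOW_DENY = """Order allow,deny
Allow from 192.168.0.0/24
Deny from 192.168.0.0/24
"""
DENY_ALLOW = """Order deny,allow
Allow from 192.168.0.0/24
Deny from 192.168.0.0/24
"""


def check(directory_block: str, client_ip: str) -> bool:
    order, allow, deny = parse_access_rules(directory_block)
    return is_allowed(order, allow, deny, client_ip)


if __name__ == "__main__":
    for name, block in [("allow,deny", ALLOW_DENY), ("deny,allow", DENY_ALLOW)]:
        for client in ("192.168.0.10", "10.10.10.5"):
            verdict = "allowed" if check(block, client) else "denied"
            print(f"Order {name}: {client} -> {verdict}")
```

Running it confirms the note above: with allow,deny the client in 192.168.0.0/24 is denied, with deny,allow it is allowed. It also shows the part the note leaves implicit, the default: an address that matches neither list is denied under allow,deny and allowed under deny,allow, which is why "Order deny,allow" with no Deny lines is effectively open to everyone.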
2. Access control for a protected directory
# Virtual directory. Note the trailing / on both arguments; without it the configuration fails.
Alias /admin/ "/admin/"
# Note: no trailing / here
<Directory "/admin">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
AuthType Basic
AuthName "admin_web"
AuthUserFile /etc/httpd/conf/passwd.secret
# or restrict to named users: Require user tom bob
Require valid-user
</Directory>
Creating the valid-user entries with htpasswd
-c: create the password file;
-n: do not update the file, only print the resulting username:password line to the screen;
-m: hash the password with MD5 (the default);
-d: hash the password with CRYPT;
-p: do not hash the password, i.e. store it in plaintext;
-s: hash the password with SHA;
-b: take both the username and the password from the command line instead of prompting for the password;
-D: delete the specified user.
[root@redwand admin]# htpasswd -cm /etc/httpd/conf/passwd.secret u1_md5
[root@redwand admin]# cat /etc/httpd/conf/passwd.secret
u1_md5:$apr1$FgxedXCv$/yZ2BDIodO/yTtPiRzGS/1
u2_crypt:SkggAh44MvTP6
u3:123456
u4_sha:{SHA}fEqNCco3Yq9h5ZUglD3CZJT4lBs=
3. Capturing the requests to the protected directory
http://10.10.10.170/admin/
First request: the server replies with the authentication prompt.
Second request: the username and password are entered.
The username and password turn out to be base64-encoded; the decoded form follows.
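The decoding step and the server-side check that follows it, as an added example rather than code from the original notes: it builds the Basic Authorization header a browser sends after the prompt, decodes it, and verifies the credentials against the passwd.secret entries listed in the previous section. The header values are constructed for the example. Only the {SHA} (htpasswd -s) and plaintext (-p) formats are verified; the $apr1$ MD5 (-m) and CRYPT (-d) entries are reported as unsupported rather than silently rejected, because checking them needs the apr1 algorithm or a crypt(3) implementation that this snippet does not include.

```python
"""Basic-auth header decoding and htpasswd verification (added example;
not httpd's code; {SHA} and plaintext entries only)."""
import base64
import binascii
import hashlib
import hmac
import re
from typing import Dict, Optional, Tuple

# Contents of /etc/httpd/conf/passwd.secret as listed in the notes.
HTPASSWD = """\
u1_md5:$apr1$FgxedXCv$/yZ2BDIodO/yTtPiRzGS/1
u2_crypt:SkggAh44MvTP6
u3:123456
u4_sha:{SHA}fEqNCco3Yq9h5ZUglD3CZJT4lBs=
"""

_CRYPT_RE = re.compile(r"[./0-9A-Za-z]{13}")   # shape of traditional crypt(3) output


def parse_htpasswd(text: str) -> Dict[str, str]:
    users = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and ":" in line:
            user, stored = line.split(":", 1)
            users[user] = stored
    return users


def make_basic_header(user: str, password: str) -> str:
    """What the browser sends after the credentials are typed into the prompt."""
    token = base64.b64encode(f"{user}:{password}".encode("utf-8")).decode("ascii")
    return f"Basic {token}"


def decode_basic(header_value: str) -> Optional[Tuple[str, str]]:
    """Return (user, password) from an Authorization header value, or None if malformed."""
    scheme, _, token = header_value.strip().partition(" ")
    if scheme.lower() != "basic" or not token.strip():
        return None
    try:
        raw = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None
    user, sep, password = raw.partition(":")
    return (user, password) if sep else None


def check_password(stored: str, password: str) -> Optional[bool]:
    """True/False for supported formats; None when the hash type is not handled."""
    if stored.startswith("{SHA}"):
        digest = base64.b64encode(hashlib.sha1(password.encode("utf-8")).digest())
        return hmac.compare_digest(stored[len("{SHA}"):].encode("ascii"), digest)
    if stored.startswith("$apr1$") or _CRYPT_RE.fullmatch(stored):
        return None                              # apr1 / crypt(3) not implemented here
    return hmac.compare_digest(stored.encode("utf-8"), password.encode("utf-8"))


def authenticate(header_value: str, htpasswd_text: str = HTPASSWD) -> str:
    creds = decode_basic(header_value)
    if creds is None:
        return "malformed"
    user, password = creds
    stored = parse_htpasswd(htpasswd_text).get(user)
    if stored is None:
        return "unknown-user"
    result = check_password(stored, password)
    if result is None:
        return "unsupported-hash"
    return "ok" if result else "bad-password"


if __name__ == "__main__":
    header = make_basic_header("u4_sha", "123456")     # constructed credentials
    print(header, "->", decode_basic(header), "->", authenticate(header))
```

Two points the capture makes concrete. Base64 is reversible by anyone who sees the request, so Basic authentication only protects the password when the connection itself is TLS. And the plaintext u3 entry, although htpasswd -p will happily write it on any platform, is only accepted by the httpd daemon on Windows and NetWare, so on this CentOS host u3 cannot log in at all; the hashed entries are the ones that work.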
III. Other configuration details
1. What ServerTokens does:
Controls how much the Server response header reveals, so that scanners such as nmap cannot determine the exact Apache version.
- ServerTokens Full
Response header: Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.3.3 mod_ssl/2.2.15 OpenSSL/1.0.1e-fips mod_wsgi/3.2 Python/2.6.6 mod_perl/2.0.4 Perl/v5.10.1
- ServerTokens OS (the default configuration)
Response header: Server: Apache/2.2.15 (CentOS)
- ServerTokens Min[imal]
Response header: Server: Apache/2.2.15
- ServerTokens Minor
Response header: Server: Apache/2.2
- ServerTokens Major
Response header: Server: Apache/2
- ServerTokens Prod[uctOnly]
Response header: Server: Apache
- To remove the Server header from responses entirely, Apache has to be rebuilt from source.
- Hiding X-Powered-By
In php.ini, set expose_php = Off.
2. What ServerSignature does
ServerSignature controls the footer line (server version and ServerName) appended to server-generated pages such as error pages and directory listings.
- ServerSignature On
- ServerSignature Off