Apache压缩
实验准备
- CentOS7 ,win10,fiddler,Apache安装包。
实验过程
- Apache手工安装编译,及主文件配置
yum install gcc gcc-c++ pcre-devel pcre zlib-devel make -y
#执行configure
cd /opt/httpd-2.4.2
./configure \
--prefix=/usr/local/httpd \
--enable-deflate \
--enable-so \
--enable-rewrite \
--enable-charset-lite \
--enable-cgi
#make编译
make && make install
#安装完成之后建立一条软链接
ln -s /usr/local/httpd/conf/httpd.conf /etc/httpd.conf
#编辑主配置文件(其余配置与普通Apache配置一样)
vim /etc/httpd.conf
LoadModule deflate_module modules/mod_deflate.so //去掉#注释
LoadModule headers_module modules/mod_headers.so
LoadModule filter_module modules/mod_filter.so
<IFModule mod_deflate.c> //在末尾添加
AddOutputFilterByType DEFLATE text/html text/plain text/css text/xml test/javascript text/jpg text/png
DeflateCompressionLevel 9
SetOutputFilter DEFLATE
</IFModule>
#检查语法
/usr/local/httpd/bin/apachectl -t
#启动Apache服务
systemctl stop firewalld
setenforce 0
/usr/local/httpd/bin/apachectl start
- 验证版本功能模块
apachectl -t -D DUMP_MODULES | grep "deflate"
- 在index.html上添加图片
cp -p goku.png /usr/local/httpd/htdocs/
vim /usr/local/httpd/htdocs/index.html
<html>
<body>
<h1>
It works!
</h1>
<img src="goku.png"/>
</body>
</html>
- 通过客户机验证图片压缩
在客户机IE浏览器中输入:192.168.18.135访问Apache服务器
Apache缓存
实验准备
- CentOS7 ,win10,fiddler,Apache安装包。
实验过程
- Apache手工安装编译,及主文件配置
#解包
tar -zxvf apr-1.4.6.tar.gz -C /opt
tar -zxvf apr-util-1.4.1.tar.gz -C /opt
tar -zxvf httpd-2.4.2.tar.gz -C /opt
mv /opt/apr-1.4.6/ /opt/httpd-2.4.2/srclib/apr
mv /opt/apr-util-1.4.1/ /opt/httpd-2.4.2/srclib/apr-util
yum install gcc gcc-c++ pcre-devel pcre zlib-devel make -y
#执行configure
cd /opt/httpd-2.4.2
./configure \
--prefix=/usr/local/httpd \
--enable-deflate \
--enable-expires \
--enable-so \
--enable-rewrite \
--enable-charset-lite \
--enable-cgi
#make编译
make && make install
#安装完成之后建立一条软链接
ln -s /usr/local/httpd/conf/httpd.conf /etc/httpd.conf
#编辑主配置文件(其余配置与普通Apache配置一样)
vim /etc/httpd.conf
LoadModule expires_module modules/mod_expires.so //去掉'#'注释
<IFModule mod_expires.c> //在末尾添加
ExpiresActive On
ExpiresDefault "access plus 50 seconds"
</IFModule>
#检查语法
/usr/local/httpd/bin/apachectl -t
#启动Apache服务
/usr/local/httpd/bin/apachectl start
systemctl stop firewalld
setenforce 0
- 验证模块
/usr/local/httpd/bin/apachectl -t -D DUMP_MODULES | grep "expires"
- 通过客户机验证图片压缩
在客户机IE浏览器中输入:192.168.18.135访问Apache服务器
配置防盗链
实验准备
CentOS7 ,win10,Apache安装包
实验过程
- 安装与配置dns服务
yum install bind -y
vim /etc/named.conf
vim /etc/named.rfc1912.zones
cd /var/named/
cp -p named.localhost kgc.com.zone
vim kgc.com.zone
- Apache手工安装编译,及主文件配置
#解包
tar -zxvf apr-1.4.6.tar.gz -C /opt
tar -zxvf apr-util-1.4.1.tar.gz -C /opt
tar -zxvf httpd-2.4.2.tar.gz -C /opt
mv /opt/apr-1.4.6/ /opt/httpd-2.4.2/srclib/apr
mv /opt/apr-util-1.4.1/ /opt/httpd-2.4.2/srclib/apr-util
yum install gcc gcc-c++ pcre-devel pcre zlib-devel make -y
#执行configure
cd /opt/httpd-2.4.2
./configure \
--prefix=/usr/local/httpd \
--enable-deflate \
--enable-expires \
--enable-so \
--enable-rewrite \
--enable-charset-lite \
--enable-cgi
#make编译
make && make install
#安装完成之后建立一条软链接
ln -s /usr/local/httpd/conf/httpd.conf /etc/httpd.conf
#编辑主配置文件(其余配置与普通Apache配置一样)
vim /etc/httpd.conf
LoadModule rewrite_module modules/mod_rewrite.so //去掉'#'注释
#在<Directory "/usr/local/httpd/htdocs">添加
RewriteEngine On
Rewritecond %{HTTP_REFERER} !^http://kgc.com/.*$ [NC]
Rewritecond %{HTTP_REFERER} !^http://kgc.com/$ [NC]
Rewritecond %{HTTP_REFERER} !^http://www.kgc.com/.*$ [NC]
Rewritecond %{HTTP_REFERER} !^http://www.kgc.com/$ [NC]
Rewriterule . *\.(gif|jpg|swf)$ http://www.kgc.com/error.png
#启动Apache服务
/usr/local/httpd/bin/apachectl start
systemctl stop firewalld
setenforce 0
- 验证功能模块
/usr/local/httpd/bin/apachectl -t -D DUMP_MODULES | grep "rewrite"
- 访问网址,如果访问盗链网站,则跳出error.png这张图片
配置隐藏版本信息
实验过程
#编辑主配置文件
vim /etc/httpd.conf
Include conf/extra/httpd-default.conf //去掉'#'注释
#修改default配置文件
vim /usr/local/httpd/conf/extra/httpd-default.conf
ServerTokens Prod
ServerSignature Off
#启动Apache服务
/usr/local/httpd/bin/apachectl stop
/usr/local/httpd/bin/apachectl start
然后我们再次访问网站,然后用抓包工具,就会发现版本号已被隐藏