配置静态元素过期时间检查httpd是否加载expires模块
打开expires模块功能
虚拟主机配置文件
ExpiresActive on
ExpiresByType image/gif "access plus 1 days"
ExpiresByType image/jpeg "access plus 24 hours"
ExpiresByType image/png "access plus 24 hours"
ExpiresByType image/jpg "access plus 24 hours"
ExpiresByType text/css "now plus 2 hours"
ExpiresByType application/x-javascript "now plus 2 hours"
ExpiresByType application/javascript "now plus 2 hours"
ExpiresByType application/x-shockwave-flash "now plus 2 hours"
ExpiresDefault "now plus 0 min"
测试
配置防盗链
虚拟主机的配置文件
SetEnvIfNocase Referer "http://www.123.com" local_ref
SetEnvIfNocase Referer "http://123.com" local_ref
SetEnvIfNocase Referer "^$" local_ref
order Allow,Deny
Allow from env=local_ref
只有来自Referer为local_ref的才能访问以(txt|doc|mp3|zip|rar|jpg|gif)结尾的文件
DocumentRoot "/data/wwwroot/burglar-chain"
ServerName www.burglar.com
ServerAlias www.burglar1.com www.burglar2.com
ErrorLog "logs/burglar.com-error_log"
CustomLog "logs/burglar.com-access_log" common
SetEnvIfNocase Referer "https://blog.51cto.com/13480443/2073462" local_ref
#SetEnvIfNocase Referer "^$" local_ref
order Allow,Deny
Allow from env=local_ref
# mkdir -p /data/wwwroot/burglar-chain
# vim /data/wwwroot/burglar-chain/burglar.php
echo "burglar-chain";
?>
测试[root@apenglinux-002 aming.com]# curl -x127.0.0.1:80 www.burglar.com/burglar.php -I
HTTP/1.1 403 Forbidden
Date: Tue, 27 Feb 2018 06:55:00 GMT
Server: Apache/2.4.25 (Unix) PHP/5.6.30
Content-Type: text/html; charset=iso-8859-1 //拒绝访问
访问成功
访问控制#访问控制-Directory
DocumentRoot "/data/wwwroot/accesscontrol"
ServerName www.accesscontrol.com
ServerAlias www.accesscontrol1.com www.accesscontrol2.com
Order deny,allow
Deny from all
Allow from 192.168.221.0/24
ErrorLog "logs/accesscontrol.com-error_log"
CustomLog "logs/accesscontrol.com-access_log" combined
Order deny,allow
Deny from all
Allow from 192.168.221.0/24
限制某个目录禁止解析php
DocumentRoot "/data/wwwroot/prohibit"
ServerName www.prohibit.com
ServerAlias www.prohibit1.com www.prohibit2.com
php_admin_flag engine off
ErrorLog "logs/prohibit.com-error_log"
CustomLog "logs/prohibit.com-access_log" combined
在浏览器上访问时提供了一个下载的窗口
用curl命令访问时,看到了源代码[root@apenglinux-002 ~]# curl -x127.0.0.1:80 www.prohibit.com/upload/index.php
echo "prohibit";
?>
限制user_Agent
DocumentRoot "/data/wwwroot/prohibit"
ServerName www.prohibit.com
ServerAlias www.prohibit1.com www.prohibit2.com
#
# php_admin_flag engine off
#
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} .*curl.* [NC,OR] //NC代表不区分大小写,OR表示或者
RewriteCond %{HTTP_USER_AGENT} .*Mozilla.* [NC]
RewriteRule .* - [F] //F表示Forbidden
ErrorLog "logs/prohibit.com-error_log"
CustomLog "logs/prohibit.com-access_log" combined