三、在www.duanjiaxu.com域名的网站配置压缩、网页缓存、隐藏Apache版本
1、配置压缩
1)修改apache主配置文件配置压缩功能
[root@centos01 ~]# vim /usr/local/httpd/conf/httpd.conf //进入apache主配置文件 --- 391 AddOutputFilterByType DFLATE text/html text/plain text/css text/xml text/jav ascript 392 DeflateCompressionLevel 9 393 SetOutputFilter DEFLATE --- [root@centos01 ~]# httpd -t //检查是否有误 httpd: Could not reliably determine the server's fully qualified domain name, using fe80::20c:29ff:fe25:91b5 for ServerName Syntax OK [root@centos01 ~]# systemctl restart httpd //重新启动apache服务 [root@centos01 ~]# netstat -anptu | grep httpd //监听网卡 tcp6 0 0 :::80 :::* LISTEN 109755/httpd
2)使用win10虚拟机验证(安装一个Fiddler4)
2、配置网页缓存
1)配置apache支持缓存功能
[root@centos01 ~]# cd /usr/src/httpd-2.2.17/ //进入apache源代码目录 [root@centos01 httpd-2.2.17]# ./configure --prefix=/usr/local/httpd --enable-so --enable-rewrite --enable-charset-lite --enable-deflate --enable-expires //安装网页缓存模块 [root@centos01 httpd-2.2.17]# make && make install //编译安装
2)查看是否成功安装缓存功能
[root@centos01 ~]# httpd -l
3)修改主配置文件开启缓存功能
[root@centos01 ~]# vim /usr/local/httpd/conf/httpd.conf //进入主配置文件 --- 394 <IfModule mod_expires.c> 395 ExpiresActive On //开启缓存 396 ExpiresDefault "access plus 120 seconds" //保存时间120秒 397 </IfModule> --- [root@centos01 ~]# httpd -t //检查主配置文件修改是否有误 httpd: Could not reliably determine the server's fully qualified domain name, using fe80::20c:29ff:fe25:91b5 for ServerName Syntax OK --- [root@centos01 ~]# systemctl restart httpd //重新启动httpd服务
4)使用win10虚拟机验证
3、隐藏apache版本号
1)修改apache只配置文件保持连接
[root@centos01 ~]# vim /usr/local/httpd/conf/httpd.conf //进入主配置文件 378 Include conf/extra/httpd-default.conf //开启apache保持连接
2)修改apache主配置文件隐藏apache版本号
[root@centos01 ~]# vim /usr/local/httpd/conf/extra/httpd-default.conf --- 10 Timeout 3 //超时时间3秒 16 KeepAlive On 23 MaxKeepAliveRequests 1000 //最大并发量 29 KeepAliveTimeout 3 //保存超时时间3秒 55 ServerTokens Prod // 65 ServerSignature Off //隐藏版本号 [root@centos01 ~]# systemctl restart httpd //重新启动apache服务 [root@centos01 ~]# netstat -anptu | grep httpd //监听网卡 tcp6 0 0 :::80 :::* LISTEN 121600/httpd
3)使用win10虚拟机验证
四、在www.duanjiaxu.com网站配置防盗,防止www.djx.com盗www.duanjiaxu.com的连接
1、切换到网站根目录上传图片
1)上传图片
[root@centos01 ~]# cd /www //切换到网站根目录 [root@centos01 www]# rz //上传图片 [root@centos01 www]# ls //查看图片是否上传成功 03.jpg index.html Linux.jpg
2)编辑网站主页
[root@centos01 www]# vim index.html //进入网站主页目录 <html> <body> <img src="./01.jpg"/> </body> </html>
3)使用win10虚拟机验证访问www.duanjiaxu.com查看是否能够正常访问到图片
4)配置第二台apache服务器盗用第一台apache服务器的图片连接选择图片鼠标右键点击属性复制URL
[root@centos03 ~]# ls /www index.html [root@centos03 ~]# vim /www/index.html //进入apache网站主页目录 --- <img src="http://www.duanjiaxu.com/01.JPG"/> [root@centos03 ~]# systemctl restart httpd //重新启动apache服务 [root@centos03 ~]# netstat -anptu | grep httpd //监听网卡 tcp6 0 0 :::80 :::* LISTEN 45902/httpd
5)使用win10虚拟机验证
2、配置防盗链
1)修改apache主配置文件配置防盗链
[root@centos01 ~]# vim /usr/local/httpd/conf/httpd.conf //进入apache主配置文件 --- 133 <Directory "/www"> 134 Options Indexes FollowSymLinks 135 AllowOverride None 136 Order allow,deny 137 Allow from all 138 RewriteEngine On //开启地址重新 139 RewriteCond %{HTTP_REFERER} !^$ 140 RewriteCond %{HTTP_REFERER} !^http://duanjiaxu.com/.*$ [NC] 141 RewriteCond %{HTTP_REFERER} !127.0.0.1.*$ [NC] 142 RewriteCond %{HTTP_REFERER} !192.168.100.10.*$ [NC] 143 RewriteCond %{HTTP_REFERER} !^http://duanjiaxu.com$ [NC] 144 RewriteCond %{HTTP_REFERER} !^http://www.duanjiaxu.com/.*$ [NC] 145 RewriteCond %{HTTP_REFERER} !^http://www.duanjiaxu.com/$ [NC] 146 RewriteRule .*\.(gif|jpg|swf)$ http://www.duanjiaxu.com/04.png [R,NC,L] 147 </Directory> --- [root@centos01 ~]# httpd -t //检查配置文件修改是否有误 httpd: Could not reliably determine the server's fully qualified domain name, using fe80::20c:29ff:fe25:91b5 for ServerName Syntax OK [root@centos01 ~]# /etc/init.d/httpd restart //重新启动apache服务 httpd: Could not reliably determine the server's fully qualified domain name, using fe80::20c:29ff:fe25:91b5 for ServerName [root@centos01 ~]# netstat -anptu | grep httpd //监听网卡 tcp6 0 0 :::80 :::* LISTEN 123664/httpd
2)使用win10虚拟机访问www.djx.com验证
3)使用抓包软件查看防盗链接过程
