Tips for Apache server

A1.1 Apache module

In the building blocks game, each building block has different shapes and sizes. The children select the right building blocks based on their own imagination to build a complete house. The Apache module is similar to this. Each module provides different functions, which can be executed on Apache as needed.ProgramOr Remove useless modules. The Apache core module http_core provides the most basic functions. Without it, Apache cannot do anything. In addition to this module, most modules can be freely selected.
Among the many Apache modules, there is a striking module: mod_so. It provides a method to dynamically load the Apache module. With mod_so, you do not have to re-compile Apache to add or delete a module. All you have to do is modify the content of httpd. conf and restart httpd. In Apache of xteamserver, only http_core and mod_so modules are compiled, and other modules are dynamically loaded in httpd. conf.

A1.2 proxy service settings

Apache has a proxy module. Edit the configuration file httpd. conf and set the following in the proxy: -- remove the original comments before the proxy line and make corresponding modifications:
Loadmodule proxy_module modules/libproxy. So
Addmodule mod_proxy.c
<Ifmodule mod_proxy.c>
Proxyrequests on
<Directory Proxy: *>
Order deny, allow
Deny from all
Allow from. your_domain.com
</Directory>
Proxyvia on
Cacheroot "/var/Cache/httpd"
Cachesize 102400
Cachegcinterval 4
Cachemaxexpire 48
Cachelastmodifiedfactor 0.1
Cachedefaultexpire 1
Nocache some_domain.com
</Ifmodule>
Where:
Cachesize 102400 indicates that the cache size is 100 MB;
Cachegcinterval 4 sets Apache to forcibly Delete outdated cache files every 4 hours;
Cachemaxexpire 48 sets the end time of All cached files to 48 hours;
Cachelastmodifiedfactor 0.1 when the original server does not provide a file expiration time, the expiration time is automatically calculated;
Cachedefaultexpire 1 sets the default end time of All cached files to 1 hour;
Nocache some_domain.com indicates the hosts, domain names, and IP addresses that are not cached. Separate them with spaces;
After changing the configuration, create the cache directory used by the proxy on the server (/var/Cache/httpd in this example) and set its attribute to writable state (the owner is nobody, permission is 755), and then restart Apache to change the configuration to take effect. In this way, the proxy can be set to the server in the browser of the client.

A1.3 create a domain name-based VM Service

A virtual host service virtualizes a machine into multiple web servers. For example, you can store the homepage content of www.company1.com and www.company2.com on the same host. Visitors only need to enter the domain name of the company to access the homepage content they want.
Assume that the IP address of the host where the Apache server is located is 202.202.202.202. Add the following content to the configuration file httpd. conf:
Namevirtualhost 202.202.202.202

serveradmin webmaster@yourdomain.com
DocumentRoot/home/httpd/www.company1.com
servername www.company1.com
errorlog/var/log/httpd/logs


serveradmin webmaster@yourdomain.com
DocumentRoot/home/httpd/www.company2.com
servername www.company2.com
errorlog/var/ lo G/httpd/www.company2.com/error.log

, create a directory on the server, and restart Apache. The changed configuration takes effect, you can use the domain name-based VM service.

A2 Wu-Tips for FTP Server

A2.1 ftpaccess

Most of the functions provided by Wu-FTP are stored in/etc/ftpaccess. Below are some tips for setting this file.

Connection rejected

The deny setting has two functions:
1. Set a machine from a specific network address to not allow connection.
2. When a machine from the specified network address tries to connect, specify the message file to be displayed.
In this way, the user will know why the connection is denied.
Usage:
Deny * .somewhere.com/etc/ftpmsgs/MSG. Denied
When a user from * .somewhere.com connects to the FTP server, the system displays the content in the file/etc/ftpmsgs/MSG. Denied on the client. You can change the content of the file as needed.

Set the maximum number of people allowed to connect at the same time

Limit can be used to set the categories and periods for which a maximum of several persons can be connected at the same time.
Usage:
Limit all 20 Any/etc/ftpmsgs/msg. tooworkflow
If the user category is all, a maximum of 20 users can be created at the same time in any time period. If the user category is exceeded, the user will be rejected, the system displays the file/etc/ftpmsgs/MSG on the client. content in toomany.

Settings for displaying other messages

Wu-FTP allows users to display different messages during connection, logon, and Directory change. The sources of the displayed messages are specified by the banner and message respectively.

Banner

Usage:
Banner/etc/ftp. BANNER
Set the message displayed when the user connects to the server at the beginning, which is usually the introduction of the current host. Some variables can be included in the file, which will be replaced by appropriate strings when displayed. List common variables as follows:
% E: Administrator's email address;
% L: Host Name;
% M: Maximum number of users allowed to connect simultaneously;
% N: currently, how many users are online;
% T: current time;

Message

Usage:
Message/etc/welcome. MSG Login
After the user successfully logs on to the server, Wu-FTP displays the/etc/welcome. MSG file as a welcome message.
Usage:
Messages. Message CWD = *
After the user changes the directory, Wu-FTP displays the. Message file in the directory as an auxiliary description.

A2.2 anonymous password check principles

When Wu-FTP allows anonymous logon, the password is generally used to enter the e-mail address of the visitor, but we cannot determine whether the e-mail address entered by the visitor is valid. In this case, Wu-FTP provides an option for Wu-FTP to check whether the password entered by the visitor is actually in an e-mail address format (user @ hostname ), then, give a warning message to a non-similar user, or force the user to enter a correct password.
Usage:
Passwd-check rfc822 warn
If the password is not in the E-mail format and a warning message is displayed, you can still log on.
Passwd-check rfc822 enforce
If the password is not in the E-mail format, ask the visitor to enter it again.
Tools attached to 2wu-ftp
In addition to providing FTP server programs, Wu-FTP also comes with several gadgets for system administrators to check the running status of FTP servers.
Ftpcount: displays the number of FTP Server users currently.
Ftpwho: displays the current user line of the FTP server, similar to ftpcount, but the information is more detailed.