Home > Developer > Linux

2018-3-6 Linux Learning Notes

Source: Internet
Author: User
Tags rar
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

11.25 Configuring the anti-theft chain
    • background : Sometimes we don't want to allow other websites to access documents, images, audio and other documents that are located on our website by means of Web links, which can be implemented by restricting referer to the anti-theft chain.
    • How to configure the anti-theft chain:
    • Vim/usr/local/apache2.4/conf/extra/httpd-vhosts.conf
    • The configuration file adds the following:
      <Directory/data/wwwroot/123.com>
      Setenvifnocase Referer "http://123.com" Local_ref
      Setenvifnocase Referer "http://www.baidu.com" Local_ref
      Setenvifnocase Referer "^$" Local_ref
      <filesmatch ". (txt|doc|mp3|zip|rar|jpg|gif|png) ">
      Order Allow,deny
      Allow from Env=local_ref
      </FilesMatch>
      </Directory>
    • The above configuration means that access to this site can be accessed only through http://123.com,http://www.baidu.com and empty referer (like accessing the address directly in the browser, without a jump) three ways of accessing the Txt|doc|mp3|zip |rar|jpg|gif|png, and any other requests for access are rejected.
    • Reload the configuration file:
      /usr/local/apache2.4/bin/apachectl-t
      /usr/local/apache2.4/bin/apachectl Graceful
    • Post-Configuration test:
    • (1) Custom Referer Access test:
      Curl-e "http://123.com"-x127.0.0.1:80-i 123.com/qq.png
      Curl-e "http://www.baidu.com"-x127.0.0.1:80-i 123.com/qq.png
    • (2) NULL Referer access test:
      Curl-x127.0.0.1:80-i 123.com/qq.png
11.26 Access Control Directory
    • background: Sometimes our site some content, such as the background management page, for security, do not want to external access, at this time we can access control directory (limited source IP) method only let the source IP for internal access through, the other all rejected.
    • To configure access control directory methods:
    • Vim/usr/local/apache2.4/conf/extra/httpd-vhosts.conf
    • The configuration file adds the following:
      <Directory/data/wwwroot/www.123.com/admin/> #配置访问控制的目标目录
      Order Deny,allow #是否能访问的顺序 (can ultimately be accessed by this line)
      Deny from all
      Allow from 127.0.0.1 #控制对象为来源IP
      </Directory>
    • Reload the configuration file:
      /usr/local/apache2.4/bin/apachectl-t
      /usr/local/apache2.4/bin/apachectl Graceful
    • Post-Configuration test:

      The Curl Test status code is 403, and the description is restricted to access.
11.27 Access Control FilesMatch
    • Access control FilesMatch and access control directory features are similar, except that FilesMatch Controls access control for smaller-scale layers (files).
    • To configure the access control FilesMatch method:
    • Vim/usr/local/apache2.4/conf/extra/httpd-vhosts.conf
    • The configuration file adds the following:
      <Directory/data/wwwroot/123.com>
      <filesmatch "admin.php (. *)" >
      Order Deny,allow
      Deny from all
      Allow from 127.0.0.1
      </FilesMatch>
      </Directory>
    • Reload the configuration file:
      /usr/local/apache2.4/bin/apachectl-t
      /usr/local/apache2.4/bin/apachectl Graceful
    • Post-Configuration test:

Extended Learning:
Several methods of restricting IP http://ask.apelearn.com/question/6519
Apache Custom Header http://ask.apelearn.com/question/830
Apache's keepalive and KeepAliveTimeout http://ask.apelearn.com/question/556

2018-3-6 Linux Learning Notes

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
andrew ng coursera machine learning notes linux learning curve 7 3 0 patch notes learning opencv 3 learning kali linux introduction to penetration testing openvpn kali linux 2018 embedded linux conference 2018
Related Article
Linux under the PS command Usage summary

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More