301 is permanent redirect
302 is a temporary redirect
Editing the configuration file for a virtual host requires Apache's rewrite module
So we need to check if Apache installed the rewrite module first.
#./bin/apachectl-m | grep rewrite
Rewrite_module (Shared)
# vim/usr/local/apache/conf/extra/httpd-vhosts.conf
<ifmodule mod_rewrite.c>
Rewriteengine on
Rewritecond%{http_host} ^www.aaa.com$ [OR]
Rewritecond%{http_host} ^www.bbb.com$
Rewriterule ^/(. *) $ http://www.fansik.com/$1 [r=301,l]
</IfModule>
Apache Log Cutting
Customlog "|/usr/local/apache/bin/rotatelogs-l/usr/local/apache/logs/discuz-access_%y%m%d_log 86400" combined
Apache do not log the following end of the content
Setenvif Request_uri ". *\.gif$" Image-request
Setenvif Request_uri ". *\.jpg$" Image-request
Setenvif Request_uri ". *\.png$" Image-request
Setenvif Request_uri ". *\.bmp$" Image-request
Setenvif Request_uri ". *\.swf$" Image-request
Setenvif Request_uri ". *\.js$" Image-request
Setenvif Request_uri ". *\.css$" Image-request
Customlog "|/usr/local/apache/bin/rotatelogs-l/usr/local/apache/logs/discuz-access_%y%m%d_log 86400" combined env= !image-request
Apache Configure static caching
<ifmodule mod_expires.c>
Expiresactive on
Expiresbytype image/gif "Accessplus 1 Days"
Expiresbytype image/jpeg "Accessplus hours"
Expiresbytype image/png "Accessplus hours"
Expiresbytype text/css "Now plus 2hours"
Expiresbytype Application/x-javascript "now plus 2 hours"
Expiresbytypeapplication/x-shockwave-flash "now plus 2 hours"
ExpiresDefault "Now plus 0min"
</IfModule>
After loading the above configuration, use curl to check it out.
# curl-x127.0.0.1:80 ' Http://120.55.194.217/static/image/common/logo.png '-I
If the red letter appears, the configuration is successful, the cache time is 86,400 seconds
http/1.1 OK
Date:tue, 15Mar 06:10:29 GMT
server:apache/2.4.6 (Unix) php/5.6.6
Last-modified:tue, Dec 02:39:16 GMT
ETag: "1149-52659e1375d00"
Accept-ranges:bytes
content-length:4425
cache-control:max-age=86400
expires:wed, 16Mar 06:10:29 GMT
Content-type:image/png
If it doesn't work, remember to check that the module switch is open.
Apache anti-theft chain
Setenvifnocasereferer "^http://.*\.discuz\.com" Local_ref
Setenvifnocase Referer ". *\.luntan\.com" Local_ref
< FilesMatch "\. (TXT|DOC|MP3|ZIP|RAR|JPG|GIF|PNG|JS|CSS) ">
Order Allow,deny
Allow from Env=local_ref
</filesmatch>
Apache access control (only allow native access to Admin page admin)
<filesmatch "(. *) admin (. *)" >
Order Deny,allow
Deny from all
Allow from 127.0.0.1
<filesmatch>
Apache disable parsing of PHP files in a directory
<Directory/opt/discuz>
Php_admin_flag engine off
<filesmatch "(. *) PHP" >
Order Deny,allow
Deny from all
</filesmatch>
</Directory>
Apache prohibit designation of User_agent
<IfModulemod_rewrite.c>
Rewritecond%{http_user_agent}^.*curl.* [Nc,or]
Rewritecond%{http_user_agent}^.*chrome* [NC]
Rewriterule. *-[F]
</IfModule>
Apache Restrict a directory
<IfModulemod_rewrite.c>
Rewritecond%{request_uri} ^.*/tmp/.* [NC]
Rewriterule. *-[F]
</IfModule>
Apache Common Configuration Items