Apache Server Configuration Raiders 3_ server

Apache Server Configuration Full Introduction (vi)
Usually, when connected, the server can only get the IP address of the client, and if you want to obtain the client's hostname for logging and providing to the CGI program, you need to use this hostnamelookups option to set it to on to turn on the DNS back-check feature. However, this causes the server to perform DNS queries on each client request, increasing the overhead and slowing the response, so the default setting is to turn off this option with off. When the option is turned off, the server does not get the host name of the client, and only the IP address is used to record the customer.
Errorlog/var/log/httpd-error.log
LogLevel warn
Logformat "%h%l%u%t"%r "%>s%b"%{referer}i ""%{user-agent} "" Combined
Logformat "%h%l%u%t"%r "%>s%b" common
Logformat "%{referer}i->%u" Referer
Logformat "%{user-agent}i" Agent
#CustomLog/var/log/httpd-access.log Common
#CustomLog/var/log/httpd-referer.log Referer
#CustomLog/var/log/httpd-agent.log Agent
Customlog/var/log/httpd-access.log combined
This defines the form of the system log and, for server error logging, defines different error log files and their contents by errorlog, loglevel.
For system access logs, the default use of the Customlog parameter to define the location of the log, by default, by using the combined parameter to specify that all access logs be placed in a single file, however, different kinds of access logs can be placed in a different log file, which is done through the The Customlog specifies a different record type to complete. Common represents a common request access record for a single page, Referer represents a reference record for each page, you can see the number of requests contained in a page, the agent represents the type record of the client, and it is clear that you can annotate the existing combined defined set line and use common, The Referer and the agent are used as Customlog parameters to specify logging files for different kinds of logs respectively.
Obviously, Logformat is the format used to define different types of logs for logging, where macro definitions beginning with% are used to record different content.
If the files specified by these parameters use a relative path, then the path is relative to the serverroot.
Serversignature on
In some cases, for example, when a customer requests a Web page that does not exist, the server generates an error document, and by default the Serversignature option is turned on, and the last line of the error document contains information such as the server's name, the Apache version, and so on. Some administrators prefer not to display this information, you can set this parameter to OFF, or set to email, the last line will be replaced by the ServerAdmin email prompt.
alias/icons/"/www/icons/"
Options Indexes MultiViews
AllowOverride None
Order Allow,deny
Allow from all
The alias parameter is used to map the URL directly to the real location in the server file system, and the generic document will be queried in DocumentRoot, but the path defined using the alias will map directly to the corresponding directory and no longer be queried under DocumentRoot. Therefore, the alias can be used to map the paths of some common files, such as the icons path of the various common icons. This allows directories outside the document root (DocumentRoot) to be available to the browser, in addition to symbolic connections, by using the alias map.
Once you have defined a mapped path, you should use the directory statement to set access restrictions.

scriptalias/cgi-bin/"/www/cgi-bin/"
AllowOverride None
Options None
Order Allow,deny
Allow from all
Scriptalias is also a mapping for URL paths, but unlike the alias, Scriptalias is the path used to map CGI programs, and the files under this path are defined as CGI programs that are executed to obtain results rather than directly returning their contents by the server. By default, the CGI program uses the Cgi-bin directory as the virtual path.
# Redirect Old-uri New-url
The redirect parameter is used to rewrite the URL, and when the browser accesses a resource that no longer exists on the server, the server returns to the browser with a new URL telling the browser to obtain resources from the URL. This is primarily used for documents that originally existed on the server, changed locations, and wanted to be accessible using old URLs to maintain compatibility with previous URLs.
Indexoptions fancyindexing
Addiconbyencoding (cmp,/icons/compressed.gif) x-compress X-gzip
Addiconbytype (txt,/icons/text.gif) text/*
Addiconbytype (img,/icons/image2.gif) image/*
Addiconbytype (snd,/icons/sound2.gif) audio/*
Addiconbytype (vid,/icons/movie.gif) video/*
Addicon/icons/binary.gif. bin. exe
Addicon/icons/binhex.gif. hqx
Addicon/icons/tar.gif. Tar
Addicon/icons/world2.gif. wrl. wrl.gz. vrml. Vrm. IV
Addicon/icons/compressed.gif. Z. tgz. gz. zip
Addicon/icons/a.gif. ps. ai. eps
Addicon/icons/layout.gif. html. shtml. htm. pdf
Addicon/icons/text.gif. txt
Addicon/icons/c.gif. C
addicon/icons/p.gif. pl. py
Addicon/icons/f.gif. For
Addicon/icons/dvi.gif. DVI
Addicon/icons/uuencoded.gif. UU
Addicon/icons/script.gif. Sh. Shar. csh. Ksh. tcl
Addicon/icons/tex.gif. Tex
Addicon/icons/bomb.gif Core
Addicon/icons/back.gif..
Addicon/icons/hand.right.gif README
Addicon/icons/folder.gif ^^ directory^^
Addicon/icons/blank.gif ^^ blankicon^^
Defaulticon/icons/unknown.gif
#AddDescription "GZIP Compressed document". GZ
#AddDescription "Tar archive". Tar
#AddDescription "GZIP Compressed Tar archive". tgz
Readmename README
Headername HEADER
Indexignore.?? * *~ *# header* readme* RCS CVS *,v *,t
When the URL of an HTTP request is a directory, the server returns the index file in this directory. However, if the default index file does not exist in a directory, and when the server is licensed to display a list of directory files, the list of files in this directory is displayed, and in order to make the list of files understandable, not just a simple list, you need the preceding settings parameters.

Apache Server Configuration Full Introduction (vii)
If you use the indexoptions fancyindexing option, you can refer to various icons for various types of documents in the list of directories generated by the server. and which type of file uses the icon, use the following addiconbyencoding, Addiconbytype, and AddIcon to define which icon to use, based on the MIME encoding, type, and suffix of the file. If you are unsure of the icon used by the document, use the default icon defined by DefaultIcon.
Similarly, you can use Adddescription to add different descriptions for different types of documents. Also, the server is still in the directory, querying the files defined using Readmename and Headername (automatically Add. html suffixes, if not found, Use the. txt suffix for searching), and if these files are found, the contents of those files are displayed first before the file list to make the list of ordinary catalogs more comprehensible.
Indexignore let the server ignore the file when listing the list of files, where the file name is defined using mode configuration.
AddEncoding x-compress Z
AddEncoding X-gzip GZ
AddEncoding is used to tell some MIME types that use compression, which allows the browser to extract operations.
AddLanguage en. en
AddLanguage Fr. fr
AddLanguage de. de
AddLanguage da. Da
AddLanguage el. El
AddLanguage it. it
Languagepriority en fr de

An HTML document can have versions of multiple languages at the same time, such as File1.html.en, file1.html.fr, and so on, for file1.html documents, and each language suffix must be defined using AddLanguage. This allows the server to send different language versions to clients in different countries by negotiating with the browser. Instead, languagepriority defines the priority of different languages to respond to requests for file1.html in the order in which they are not specifically required, using different language versions. There is not much practical application of this international capability.
#AddType application/x-httpd-php. phtml
#AddType Application/x-httpd-php-source. Phps
The AddType parameter can specify a MIME type for a file of a particular suffix, where the setting overrides the setting in Mime.types.
#AddHandler Cgi-script. CGI
AddHandler is used to specify a non-static type of processing that defines a document as a non-static document type, needs processing, and returns processing results to the browser. For example, the setting in the above note is to set the file ending with. cgi to the Cgi-script type, and the server will start the CGI program for processing. If you need to execute a CGI program outside of the path defined in the previous aliasscript, you need to use this parameter to set it, and the file that ends with. CGI will be executed as a CGI program.
You must allow CGI programs to be executed in the. htaccess in the configuration file, in this directory, in the. htaccess, and in its parent directory, which needs to be set through the options execcgi parameter.
#AddType text/html. shtml
#AddHandler server-parsed. shtml
Another type of dynamic processing is server-parsed, in which the server itself analyzes the markup in the Web page and changes the markup to the correct HTML identity. Because server-parsed needs to process text/html type of documents, it first defines the corresponding. shtml as the text/html type.
However, to support SSI, you must first use the options includes in the configuration file (or. htaccess) to allow the documents under that directory to be SSI types, or use the options includesnoexec to allow the execution of common SSI flags. However, the external program referenced in it is not executed.
Another way to specify the server-parsed type is to use the Xbitback setting option, and if the Xbithack is set to ON, the server checks all text/html-type documents (including the document for the. html suffix), and if the file attribute is found to have an execution bit "x", The server considers it a server analysis document and needs to be processed by the server. It is recommended that you use AddHandler to set the Xbitback to off, because using Xbitback will perform additional checks on all HTML documents, reducing efficiency.
#AddHandler Send-as-is ASIS
#AddHandler imap-file Map
#AddHandler type-map var
The annotated addhandler above is used to support the ASIS, map, and VAR processing capabilities of the Apache server
# Action Media/type/cgi-script/location
# Action Handler-name/cgi-script/location
Because of the limited processing capabilities available within Apache, you can use the action to define an external program for the server as a dynamic document type that can be processed, and these external programs, like standard CGI programs, are the result of outputting different MIME types after data processing of the input. For example, to define an operation that performs wri2txt for a special suffix WRI and then returns the result, you can use:
Action Windows-writer/bin/wri2txt
AddHandler Windows-writer WRI
Further, you can use the action definition to perform a pre-processing operation on a MIME type, which requires the action parameter setting for the first format in the example. This setting does not require additional AddHandler to associate the processing operation with the file suffix, but instead uses the action to process MIME-type files directly. However, if the document suffix does not have a formal MIME type, you need to first define a MIME type.
#MetaDir. Web
#MetaSuffix. Meta
Meta information is sent to the customer's browser before the document is sent to the customer, so the browser can access the meta information through the head request without actually returning all the document data through get. The server is usually sent to the browser is some standard HTTP header information, if you want to add additional information, you need to use Metadir to define the directory of Meta data, and Metas Uffix to specify the file suffix containing meta data.
#ErrorDocument "The server made a boo boo.
#ErrorDocument 404/missing.html
#ErrorDocument 404/cgi-bin/missing_handler.pl
#ErrorDocument 402
Http://some.other_server.com/subscription_info.html
If a customer requests a Web page that does not exist, or does not have access rights, the server generates an error code and responds to a Web page that identifies the error in the client's browser.
ErrorDocument is used to set the content that should respond to the client browser when an error occurs, errordocument the first parameter is the wrong sequence number, the second parameter is the response data, can be simple text, local Web page, local CGI program, and Web page on the remote host.
Browsermatch "MOZILLA/2" nokeepalive
Browsermatch "MSIE 4.0b2;" Nokeepalive downgrade-1.0 force-response-1.0
Browsermatch "RealPlayer 4.0" force-response-1.0
Browsermatch "java/1.0" force-response-1.0
Browsermatch "jdk/1.0" force-response-1.0
The Browsermatch command sets special parameters for specific client programs to ensure compatibility with older browsers and to support new browser features.
# SetHandler Server-status
# Order Deny,allow
# Deny from all
# Allow from. your_domain.com
# SetHandler Server-info
# Order Deny,allow
# Deny from all
# Allow from. your_domain.com
# Deny from all
# ErrorDocument 403 http://phf.apache.org/phf_abuse_log.cgi

Apache Server configuration Full Raiders (eight)
Settings for setting access control are primarily for directories and files, but you can also set access control settings for different URLs, so you don't have to worry about whether Scriptalias, alias, or not set the path beyond the controlled directory. The statement that controls the URL is a location statement, which protects not only the files on the server, CGI, but also the URL of the special feature provided by the server itself, in addition to the protection of files that cannot be found. Http://servername/server-status is used to report the status of the current Apache server, Http://servername/server-info to report statistics on the Apache server. The settings associated with this also have extendedstatus parameters that allow the server to output more detailed reports.
#ProxyRequests on
# Order Deny,allow
# Deny from all
# Allow from. your_domain.com
#ProxyVia on
#CacheRoot "/www/proxy"
#CacheSize 5
#CacheGcInterval 4
#CacheMaxExpire 24
#CacheLastModifiedFactor 0.1
#CacheDefaultExpire 1
#NoCache a_domain.com another_domain.edu joes.garage_sale.com
The Apache server itself has the function of an agent, yet this requires loading into the Mod_proxy module. This can be judged using the Ifmodule statement and, if there is a mod_proxy module, use proxyrequests to open proxy support. The following directory is used to set access rights settings for the proxy function, and to set the individual parameter settings for buffering.

Virtual Host
#NameVirtualHost 12.34.56.78:80
#NameVirtualHost 12.34.56.78
# ServerAdmin Webmaster@host.some_domain.com
# documentroot/www/docs/host.some_domain.com
# ServerName Host.some_domain.com
# ErrorLog Logs/host.some_domain.com-error_log
# Customlog Logs/host.some_domain.com-access_log Common
These contents in the default settings file are used when the virtual host server is used to set the naming foundation.
where namevirtualhost to specify the IP address used by the virtual host, this IP address will correspond to multiple DNS names, and if Apache uses the listen parameter to control multiple ports, then you can add a port number here to further differentiate between different connection requests for different ports. Thereafter, using the VirtualHost statement, use the IP address specified by Namevirtualhost as a parameter to define the corresponding virtual host settings for each name.
The virtual host is on a Web server that can provide Web services for multiple individual domain names, and each domain name is completely independent, including a completely independent document directory structure and settings, so that the domain name is completely independent, not only using each domain name access to the content completely independent, And another domain name is not available to access the content of the Web page provided by other domain names.
The concept of a virtual host is very useful for ISPs, because although an organization can hang its own web pages on servers with other domain names, it is more formal and acceptable to use separate domain names and root URLs. Traditionally, you have to set up a server to achieve the purpose of a single domain name, however, this requires maintaining a separate server, many small units lack sufficient maintenance capacity, more appropriate way is to hire someone else to maintain the server. ISP also does not need to provide a separate server for an organization, fully can use the virtual host capabilities, so that the server for a number of domain names to provide Web services, and different services do not interfere with each other, external performance as a number of different servers.

There are two ways to set the virtual host, one is based on the HTTP 1.0 standard, the need for a server with multiple IP addresses, and then configure the DNS server, to each IP address with a different domain name, the last to configure Apache configuration files, so that the server to different domain names return different Web documents. Because this requires the use of an additional IP address, the domain name for each service to use a separate IP address, so this way to achieve more problems.
You can bind multiple IP addresses on a network interface, and Linux needs to use the alias parameters of Ifconfig to perform this configuration, but this can affect network performance.
The HTTP 1.1 standard allows the server to track which host name the browser requests when communicating with browsers and servers in the protocol. So you can use this new feature to set up a virtual host in a more relaxed way. This approach does not require additional IP addresses, but requires a new version of browser support. This approach has become the standard way to build a virtual host.
To establish a non-IP based virtual host, multiple domain names are an essential configuration, because each domain name corresponds to a virtual host to serve. Therefore, you need to change the configuration of the DNS server to add more than one C name option for the server, such as:
Linux in A 192.168.1.64
Vhost1 in CNAME Linux
Vhost2 in CNAME Linux
The basic setup options are set for the Linux host, and if you want to set up a virtual host for Vhost1 and Vhost2, use the VirtualHost statement to define different options, and in the statement you can use most of the options in front of the configuration file. You can redefine almost all the settings for the server.
Namevirtualhost 192.168.1.64
Documentroot/www/data
ServerName linux.example.org.cn
Documentroot/vhost1
ServerName vhost1.example.org.cn
Documentroot/vhost2
ServerName vhost2.example.org.cn
It should be noted here that VirtualHost's parameter address must be consistent with the address defined by Namevirtualhost, and that all values are strictly consistent, and the Apache server admits that these definitions are virtual hosts defined for this IP address.
In addition, once the namevirtualhost is defined, access to the IP address is differentiated by different virtual hosts, while access to other IP addresses, such as 127.0.0.1, applies the previously defined default options.