Apache Study notes (Experience)

Source: Internet
Author: User
Tags apache log

Http://blog.csdn.net/btbtd/article/details/288027#2

Classification
# 01. General Settings
# 02. Virtual Host
# 03.<directory> + Alias
# 04..htaccess
# 05.Log
# 06.URL Rewrite
# 07. Other

####### #01. General Settings

# Listen
# Listening Port, example: Listen 80

# ServerRoot
# Apache Directory, example: ServerRoot "C:/Program files/apache group/apache2" (WINDOWS)

# ServerAdmin
# Error Reporting Mailbox, example: ServerAdmin [email protected]

# DocumentRoot
# site root directory, example: DocumentRoot "i:/gi-2288"

# DirectoryIndex
# Configure Directory index files,
# example: DirectoryIndex index.php index.php3 index.html index.htm

# ServerName
# Server domain/IP address, example: ServerName gi.2288.org

# DefaultLanguage
# set a specific default language for all directives scoped files
# syntax: DefaultLanguage Mime-lang, example: DefaultLanguage ZH-CN

# Adddefaultcharset
# The default character set that is added to the response without a specified character set, default value: Adddefaultcharset Off
# example: Adddefaultcharset utf-8, Syntax: syntax: Adddefaultcharset on| off| Character Set

# AddHandler
# Establish a mapping between a file extension and a specific processor, e.g. AddHandler cgi-script. cgi. pl
# syntax: AddHandler handler-name Extension

# Accessfilename
# define configuration file, example: Accessfilename. htaccess
# when the document is returned to the client, if the Publish Profile feature for this directory is set.
# The server will look for the first existing configuration file from the list of names in each path of this document.

# Timeout
# timeout Time, example: Timeout 300

# Typesconfig
# Specify the location of the Mime.types file, default: Typesconfig conf/mime.types

# DefaultType
# DefaultType MIME type,
# Sometimes this happens: the server is asked to provide a document, and the type of the document cannot be determined by its MIME type mapping.
# The server must notify the client of its document's content type.
# So when an unknown type appears, DefaultType will be used.
# example: DefaultType image/gif

# hostnamelookups
# Enable DNS lookups on client IPs, syntax: Hostnamelookups on|off|double

# errorlog
# Locate the server where the error log is located, for example: Errorlog "G:/apache/dummy-gi.2288.org.80-error_log"

# LogLevel
# Control error log level, default value: LogLevel warn
# Emerg Emergency-System not available.
# Alert must take immediate action.
# Crit Fatal condition.
# error condition.
# warn warning case.
# Notice general important situation.
# Info General information.
# Debug Error level Information

# Customlog
# Set the log file name and format, default: Customlog logs/access.log Common

# Servertokens
# Configure server HTTP response header, default: Servertokens full

# Servertokens Prod[uctonly], the server will send (for example): Server:apache

# Servertokens Major, the server will send (for example): SERVER:APACHE/2

# Servertokens Minor, the server will send (for example): server:apache/2.0

# Servertokens Min[imal], the server will send (for example): server:apache/2.0.41

# Servertokens OS, Server will send (for example): server:apache/2.0.41 (Unix)

# Servertokens Full (or not specified),

# The server will send (for example): server:apache/2.0.41 (Unix) php/4.2.2 mymod/1.2

# maxspareservers
# Set the maximum number of idle processes in Apache
# Syntax: maxspareservers number
# Default: Maxspareservers 100
# Example: Maxspareservers 1000

# maxkeepaliverequests
# Set the maximum number of requests per connection
# Syntax: maxkeepaliverequests number
# Default value: Maxkeepaliverequests 100

# serversignature
# Configure server to generate page footer, default value: Serversignature Off
# syntax: Serversignature on| Off| EMail

Application
# Listen 80
# serverroot "C:/Program files/apache group/apache2"
# ServerAdmin [email protected]
# documentroot "i:/gi-2288"
# directoryindex index.php index.php3 index.html index.htm
# ServerName Gi.2288.org
# DefaultLanguage ZH-CN
# Adddefaultcharset Utf-8
# Adddefaultcharset OFF
# AddHandler Cgi-script. cgi. pl
# Accessfilename. htaccess
# Timeout 300
# Typesconfig Conf/mime.types
# errorlog "G:/apache/dummy-gi.2288.org.80-error_log"
# LogLevel warn
# Customlog Logs/access.log Common
# Servertokens Prod[uctonly]
# serversignature OFF

####### #02. <virtualhost *:80> Virtual Host

# Listen 80
# Set the Listening port

# Namevirtualhost 192.168.1.2:80
# NAME/port type virtual host

# <virtualhost *:88>
# </VirtualHost>
# Virtual Host Segment

# ServerAdmin [email protected]
# Contact the mailbox for the management meeting
# documentroot "i:/gi-2288"
# site Root directory
# ServerName Gi.2288.org
# Domain Name
# errorlog "G:/apache/dummy-gi.2288.org.80-error_log"
# error Log # log records are good things, note view logging
#------------above is a virtual host content

# Full application:
# Listen 80
# Namevirtualhost 192.168.1.2:80
# <virtualhost *:88>
# ServerAdmin [email protected]
# documentroot "i:/gi-2288"
# ServerName Gi.2288.org
# </VirtualHost>

####### #03. <Directory> + Alias

# syntax: <directory directory path > ... </Directory>
# encapsulates a set of instructions that only work on a file system directory with a name and its subdirectories.

# Directory browsing is not allowed, for example:
# alias/document "j:/document/"
# <directory "j:/document/" >
# Options FollowSymLinks
# allowoverride None
# Order Allow,deny
# Allow from all
# </Directory>

# Allow directory browsing, for example:
# alias/document "j:/document/"
# <directory "j:/document/" >
# Options Indexes
# allowoverride None
# Order Allow,deny
# Allow from all
# </Directory>

# Allow & Deny

# Allow and deny directives can permit or deny access from a specific host name or host address,
# at the same time, the Order command tells Apache to process the order of the two instructions to change the filter.

# Allow
# Allow access to all addresses, example: Enable from all

# Allow only specific IP addresses to access the directory, for example: Enable from 205.252.46.165

# Allow only specific domain addresses to access directories, for example: Enable from www.google.com

# Allow only specific IP segment access, example: Enable from 10.10.10.0/255.255.0.0

# Deny
# Deny all addresses access directory, example: Deny from all

# Deny access to a specific domain directory, example: Deny from www.google.com

# Deny access to specific IP directories, example: Deny from 218.15.84.152

# Deny access to an IP segment directory, example: Deny from 10.10.10.0/255.255.0.0

# Allow & Deny mixed use

# Deny access to all addresses, but accept Google's visit, for example:
# <directory "j:/document/" >
# Options FollowSymLinks
# Order Deny, allow
# Deny from all
# Allow from www.google.com
# </Directory>

# Accept access to all addresses, but deny Google access, for example:
# <directory "j:/document/" >
# Options FollowSymLinks
# Order Deny, allow
# Deny from www.google.com
# Allow from all
# </Directory>

# Options

# syntax: options [+|-] optional [[+|-] optional] ...

# Configure which features are used in a particular directory,
The options Directive controls which server features will be used in a particular directory.
# The option can be set to none, in which case no extra features will be enabled.
# or set to one or more of the following options:

# all, except for multiviews all features. This is the default setting.

# execcgi, allows execution of CGI scripts.

# followsymlinks, the server uses symbolic connections in this directory.
Note: Even if the server uses symbolic connections, it does not change the pathname used to match the <Directory> configuration segment.
Note: If this configuration is in the <Location> configuration segment, this setting is ignored.

# includes, allow server-side inclusion.

# includesnoexec, allow server-side containment, but disable #exec command and #exec CGI.
# but you can still use the # include virtual CGI script from the Scriptaliase directory.

# Indexes, if a URL mapped to a directory is requested,
# and there's no directoryindex in this directory (for example: index.html.zh-cn.gb2312),
# then the server returns a list of formatted directories.

# MultiViews, allows content to negotiate the multi-attention graph.

# SymLinksIfOwnerMatch, the server uses a symbolic connection only if it has the same user ID as its destination directory or file owner.
Note: If this configuration appears in the <Location> configuration segment, this option is ignored.

# allowoverride

# syntax: allowoverride all| none| instruction Type [instruction type] ...
# Description: Allow instruction types that exist in the. htaccess file

# when the server discovers a. htaccess file (specified by Accessfilename),
# It needs to know which directives are declared in this file to overwrite the access information specified earlier.

# allowoverride is only valid in the <Directory> section. is not valid in the <Location> or <Files> section.

# If this directive is set to none, then the. htaccess file will be completely ignored.
# In this case, the server will not even try to read the. htaccess file from the file system.
# all directives with the. htaccess context are allowed to appear in the. htaccess file when this directive is set to all.

####### #4. . htaccess

# Hint: allowing the use of. htaccess files will result in degraded server performance.
In addition, every time you request a page, you need to read the. htaccess file.

# Open. htaccess support this must be set allowoverride all, for example:

# alias/v "J:/pwd/"
# <directory "j:/pwd/" >
# Options Indexes
# allowoverride All
# Order Allow,deny
# Allow from all
# </Directory>

# If you have sensitive information on a Web site or simply want to be accessible to a small group,
# Here are a few ways to make sure that users can only access resources that are allowed to be accessed.

# typically in a <Directory> section or a profile (. htaccess files) for a single directory.
# If you want to use a. htaccess file, you must set up the server to allow the use of authentication instructions in these files.
# that is, use the allowoverride directive to specify which directives are valid in a configuration file for a single directory.

# to protect a directory on a server with a password, you first need to create a password file.
# This file can be placed in a location that cannot be accessed by the network to avoid being downloaded,

# For example: space outside of G:/apache cannot be accessed by the network,
# then consider placing the password file in the g:/apached directory.

# Apache provides a tool called htpasswd in the bin subdirectory of its installation directory.

# to create a password file, you can use this:
# (Switch to Apache installation directory First, example: C:/Program files/apache group/apache2/bin)

# on the command line input: Htpasswd-c g:/apache/passwords E

# (This creates a user E, set the user and password exactly as you want)
# then you will be asked to enter the password and then enter it again to verify the password.

# so there's more than one passwords file in g:/apache/(no suffix name)

# The words under Windows will encrypt the password with MD5.

# then create a. htaccess file in the directory where you want to set permissions,

# The contents of the. htaccess file are:
# authtype Basic
# authname "Restricted Files"
# AuthUserFile G:/apache/passwords
# Require User E

# Demo Page: http://gi.2288.org:88/v
# User: E-Password: testhtpasswd

Note: The directory must allow allowoverride all so that the. htaccess file can take effect.

####### #5. Log

# Apache log files can provide very much information, it is necessary to understand these logs

# C:/Program Files/apache group/apache2/logs (log file storage in Windows)
# Access.log (access log to see what the client is accessing) & Error.log (Error log)

# Custom Log format

# Mod_log_config
# Status: Base
# Description: Log requests for Server-initiated
# Default: Customlog logs/access.log Common

# Recommended settings:
# customlog Logs/access_log "%h%l%u%t"%r "%s%b"%{referer}i ""%{user-agent}i ""

# Logformat
# Default value: Logformat "%h%l%u%t/"%r/"%>s%b"
# syntax: Logformat format|nickname [Nickname]
# Description: Define the record format in the log file
# example: Logformat "%v%h%l%u%t/"%r/"%>s%b" Vhost_common

# Customlog
# Status: Base
# syntax: Customlog file|pipe format|nickname [env=[!] Environment-variable]
# Description: Set the log file name and format
# example: Customlog logs/access_log "%h%l%u%t/"%r/"%>s%b"

# errorlog
# syntax: errorlog file path |syslog[:facility]
# Default value: Errorlog logs/error_log (Unix) errorlog Logs/error.log (Windows and OS/2)
# Description: Locate the server where the error log is stored
# example: Errorlog "G:/apache/dummy-gi.2288.org.88-error_log"

# Cookielog
# syntax: cookielog filename
# Description: Set the log file name for cookies
# module: mod_log_config

# Rewritelog
# syntax: Rewritelog file-path
# Description: Set the file name of the rewrite engine log
# module: mod_rewrite
# example: Rewritelog "/usr/local/var/apache/logs/rewrite.log" (Unix/linux)
# Rewritelog "G:/apache/rewrite.log" (Windows)

# Some of the common format strings are as follows:

# can be used in log format (CLF): "%h%l%u%t/"%r/"%>s%b"

# Common log format with virtual host: "%v%h%l%u%t/"%r/"%>s%b"

# NCSA Extended/Combined log format: "%h%l%u%t/"%r/"%>s%b/"%{referer}i/"/"%{user-agent}i/""

# Referer Log format: "%{referer}i,%u"

# Agent (Browser) log format: "%{user-agent}i"

####### #6. URL Rewrite

Note: Depending on your server configuration, it may be necessary to make slight changes to the example,
# For example, to add the [PT] flag when new Mod_alias and Mod_userdir are enabled,
# or rewrite. htaccess instead of a rule set in a single server.
# A particular set of rules should be understood first and then used to avoid problems.

# rewrite syntax
# Rewriteengine on
# rewriterule ^/$/www/[R]

# General Override Method

# rewrite page: http://gi.2288.org:88/modules/news/index.php
# rewriterule/modules/news/index.htm$/modules/news/index.php
# Complete page: http://gi.2288.org:88/modules/news/index.htm

# rewrite page: http://gi.2288.org:88/modules/news/index.php?storytopic=2
# rewriterule/modules/news/topic_ (. *)/.htm$/modules/news/index.php?storytopic=$1
# Complete page: http://gi.2288.org:88/modules/news/topic_2.htm

# rewrite page: http://gi.2288.org:88/index.php?storytopic=2start=10
# rewriterule/topic (. *)-(. *)/.htm$/index.php?storytopic=$1&start=$2
# Complete page: http://gi.2288.org:88/topic2-2.htm

# Note: Each additional rewrite ID must be incremented by
# For example page: http://gi.2288.org:88/ct=2x=10y=20
# This can be overridden:
# REWRITERULE/CT (. *)-(. *)-(. *)/.htm$/ct=$1x=$2y=$3
# Effect: http://gi.2288.org:88/ct2-10-20.htm

# Move the host directory to a different Web server

Description
# Often, many network administrators will have this requirement when building a new Web server:
# REDIRECT all host directories on one site server to another site server

Solution
# very simple, with mod_rewrite. Redirect all URLs on the old site server
#/~user/anypath to Http://newserver/~user/anypath.

# Rewriteengine on
# Rewriterule ^/~ (. +) http://newserver/~$1 [r,l]

# dependent on browser content

Description
# At least for important top-level pages, it is sometimes necessary to provide the best content that depends on the browser,
# to provide a maximized version of the latest Netscape, with a minimized version of Lynx,
# While other browsers provide a general version of the feature.

Solution
# In this context, content negotiation is powerless because the browser does not provide the type of its form,
# so you can only find a way to "user-agent" the HTTP header.
# The following rule set can do this:
# if the HTTP header "User-agent" starts with "MOZILLA/3",
# The page foo.html is rewritten as Foo. Ns.html, and then the rewrite operation terminates;
# if it is "Lynx" or "Mozilla" with a version number of 1 and 2, rewrite it as foo.20.html;
# and all the other browsers receive the page is foo.32.html:

# Rewritecond%{http_user_agent} ^mozilla/3.*
# Rewriterule ^foo/.html$ foo. NS [L]

# Rewritecond%{http_user_agent} ^lynx/.* [OR]
# Rewritecond%{http_user_agent} ^mozilla/[12].*
# rewriterule ^foo/$ foo.20 [L]

# rewriterule ^foo/$ foo.32 [L]

# Stop Robots

Description
# How do I stop a completely anonymous robot to get a page for a specific network region?
# A/robots.txt file can contain several lines of "Robot exclusion Protocol (Robot exclusion Protocol)",
# but not enough to prevent such robot.

Solution
# You can use a ruleset to deny/~quux/foo/arc/to a network region
# (for a very deep directory area, a list may cause a large load on the server) access.
# You must also ensure that only specific robot are blocked, that is, it is not enough to prevent robot from accessing the host
# This will also prevent users from accessing the host. To do this, you need to match the user-agent information of the HTTP header.

# Rewritecond%{http_user_agent} ^nameofbadrobot.*
# Rewritecond%{remote_addr} ^123/.45/.67/. [8-9]$
# rewriterule ^/~quux/foo/arc/.+-[F]

# Prevent hotlinking Pictures

Description
# Suppose, http://gi.2288.org:88/myalbum/has some pages with inline images,
# These pictures are good, so someone uses hyperlinks to their own pages.
# as this in vain increases the flow of our servers, we do not want this to happen.

Solution
# Although, we can't protect these images 100% from being written to someone else's page,
# But at least you can limit the browsers that emit HTTP Referer headers.

# Rewritecond%{http_referer}!^$
# Rewritecond%{http_referer}!^http://gi.2288.org:88/myalbum/.*$ [NC]
# rewriterule. */.gif$-[F]

# Rewritecond%{http_referer}!^$
# Rewritecond%{http_referer}!. */foo-with-gif/.html$
# rewriterule ^inlined-in-foo/.gif$-[F]

####### #7. Other

# Prohibit hotlinking
# setenvifnocase Referer "^http://gi.2288.org:88/" local_ref=1
# <filesmatch ". (gif|jpg|png|jpeg|zip|rar|exe|swf|txt) ">
# Order Allow,deny
# Allow from Env=local_ref
# </FilesMatch>

# load PHP 5
# LoadModule Php5_module C:/php/php5apache2.dll
# #AddModule MOD_PHP4.C
# AddType application/x-httpd-php. php
# scriptalias/php/"c:/php/"
# AddType application/x-httpd-php. php
# Action application/x-httpd-php "/php/php-cgi.exe"

# run Apache for Windows as a service

# You can install Apache as a Windows NT service like this: Apache-i-n "Service name"

# To install a service that uses a specific configuration, specify the configuration file at installation time:
# apache-i-N "Service name"-F "/my server/conf/my.conf"

# to remove an Apache service, use: Apache-u-n "Service name"

Note: If you do not specify a service name, "Apache" will be used by default.

# Once the service is installed, you can access the configuration file for the service with the-n option and other options.
# Example: Testing a service's profile: Apache-n "service name"-T

# Start a console that uses a service profile Apache:apache-n "service name"

# Apache to control service mode

# Start, restart, and shutdown/stop Apache services:
# apache-n "Service name"-K start
# apache-n "Service Name"-K restart
# apache-n "Service name"-K shutdown
# apache-n "Service Name"-K stop

# or Use NT Native command net to start and stop the Apache service, like this:
# NET START "service Name"
# NET STOP "service Name"

Apache Study notes (Experience)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.