CentOS Apache default directory log and prevent Trojan cross-station settings

Apache Default Site Directory settings

The Apache Default Web site Directory is in/var/www/html, we now want to change the site directory to/home/wwwroot/web1/htdocs, the following actions

To create a directory:
Cd/home
mkdir wwwroot
CD Wwwroot
mkdir Web1
CD Web1
mkdir Htdocs
Touch index.php

Operation Steps:

1, vi/etc/httpd/conf/httpd.conf
Find the DocumentRoot "/var/www/html" section #apache的根目录
Change/var/www/html this directory to/home/wwwroot/web1/htdocs
and find #定义apache/var/www/html this area.
Change the/var/www/html into/home/wwwroot/web1/htdocs
So we can get rid of APAHCE's default path.
Service httpd Restart #重启Apache服务器

2, visit the localhost, will find the access denied, this is why?

Mainly because of your/home/wwwroot/web1/htdocs permission is 750,apache This user does not have the privilege to access, you need to change the permission, can like this
Chmod-r 755/home/wwwroot/web1/htdocs
And then go to a visit to find the normal run (Apache User: Apache run Apache Group: Apache)
At this point, the Apache default site directory changes successfully.

Apache Log Generation Settings

The following set Apache to allow the server to generate a separate log file every day, so the management, analysis log will be much easier.

Vi/etc/httpd/conf/httpd.conf #编辑文件
#ErrorLog Logs/error_log #注释此行, add the following line
ErrorLog "|rotatelogs/var/log/httpd/error_log%y%m%d.log 86400" #每天单独生成一个日志文件
#CustomLog Logs/access_log Common #注释此行, add the following line
Customlog "|rotatelogs/var/log/httpd/access_log%y%m%d.log 86400" common #每天单独生成一个日志文件

Tips: If you want to ban Apache log files, you can set the following
Errorlog/dev/null #禁用错误日志
Customlog/dev/null Common #禁用访问日志

Apache prevent PHP Trojan Cross Station setup

The

Code is as follows:
Php_admin_value open_basedir "/usr/local/apache/htdocs/www/:/tmp/"
Note: Put/usr/local/apache/htdocs/ www/Replace your own site Directory
For example:
Edit a virtual host configuration file
Vi/etc/httpd/conf.d/vhost.conf
Add the following code to your site configuration
<virtualhost * : 80>
Php_admin_value open_basedir "/usr/local/apache/htdocs/www/:/tmp/"
</virtualhost>
Note:  
Since Open_basedir is set in/etc/httpd/conf.d/vhost.conf, the virtual user will no longer automatically inherit the Open_basedir set value in PHP.ini
. This is difficult to achieve with flexible configuration measures, so it is recommended that you do not set this restriction in/etc/httpd/conf.d/vhost.conf
.
For example, you can set Open_basedir = in php.ini.:/ tmp/
This setting means allowing access to the current directory (that is, the directory where the PHP script files reside) and the/tmp/directory, effectively preventing the PHP trojan from running across the station