Apache optimized application One (keep connection and version hidden)
Directory
The first part of the preparatory work
Second part installs Apache service
Part III Apache optimization-Stay connected
Part Four Apache optimization-version information hiding
The first part of the preparatory work
One: server: Linux system-centos 7.4;
IP Address: 192.168.80.10
Client: Take WIN7 as an example, test the result of verification, and the server in the same network segment;
IP Address: 192.168.80.2
Two: Prepare the package for compression
Apr-1.6.2.tar.gz and apr-util-1.6.0.tar.gz are required plugins for httpd2.4 later versions and must be installed
Third: Close the firewall with SELinux
Second part installs Apache service
One: Install the compilation tools and plugins
[[email protected] ~]# yum-y install \
GCC \
gcc-c++ \
Make \
Pcre-devel \
Expat-devel \
Perl
Two: Unzip:
[Email protected] ~]# Tar XF apr-1.6.2.tar.gz
[Email protected] ~]# Tar XF apr-util-1.6.0.tar.gz
[Email protected] ~]# Tar XF httpd-2.4.29.tar.bz2
[Email protected] ~]# MV apr-1.6.2 HTTPD-2.4.29/SRCLIB/APR
[Email protected] ~]# MV apr-util-1.6.0 httpd-2.4.29/srclib/apr-util
Three: Configuration (custom personalization)
[[Email protected] ~]# CD httpd-2.4.29//must enter the installation directory
[Email protected] httpd-2.4.29]#/configure \
--PREFIX=/USR/LOCAL/HTTPD \//Specifies to install the HTTPD program into the/USR/LOCAL/HTTPD directory
--ENABLE-SO \//Enable dynamic load module function
--enable-rewrite \//Enable Web page address rewriting for website optimization and Directory Migration
--enable-charset-lite \//enable character set support to support Web pages that are encoded using a variety of character sets
--ENABLE-CGI//Enable CGI scripting support for extended Web site application access
IV: Compilation and Installation
[[email protected] httpd-2.4.29]# make && make install
To add a httpd service to a system service
[Email protected] httpd-2.4.29]# CP/USR/LOCAL/HTTPD/BIN/APACHECTL/ETC/INIT.D/HTTPD
[Email protected] httpd-2.4.29]# VI/ETC/INIT.D/HTTPD
Add the following two lines (Note that "#" cannot be omitted):
Save exit
[[email protected] httpd-2.4.29]# chkconfig--add httpd//Add httpd to service Manager
[[email protected] httpd-2.4.29]# Systemctl daemon-reload//heavy-duty system System Manager
V: Edit httpd master configuration file
[Email protected] httpd-2.4.29]# vi/usr/local/httpd/conf/httpd.conf
Modify the following content:
ServerName localhost
Save exit
Optimized execution path (the original path of the executing program file is not in the PATH environment variable, do a soft link to make it executable)
[Email protected] httpd-2.4.29]# ln-s/usr/local/httpd/conf/httpd.conf/etc/
[Email protected] httpd-2.4.29]# ln-s/usr/local/httpd/bin/*/usr/local/bin/
Check for syntax errors
[Email protected] httpd-2.4.29]# httpd–t
Or: [[email protected] httpd-2.4.29]# apachectl–t
View Program version
Six: Start the service
[Email protected] httpd-2.4.29]# systemctl start httpd
[[email protected] httpd-2.4.29]# Systemctl enable httpd//set httpd to boot
[Email protected] httpd-2.4.29]# NETSTAT-ANPT | grep 80//View httpd service Run status
Seven: Validation
Accessing the server with the WIN7 client
Browser access: http://192.168.80.10
Validation successful
(Note that the default content of the Web page is:/usr/local/httpd/htdocs/index.html)
Part III Apache optimization-Stay connected
Connection hold: Resolves server stress caused by frequent connection and disconnection of client to server
One: Configure the master configuration file:
[Email protected] ~]# vi/usr/local/httpd/conf/httpd.conf
Include conf/extra/httpd-default.conf//Remove the previous # number, indicating that the module is turned on
(Note: If the module does not turn on, the configuration will not take effect after modification)
Save exit
Two: Configure connection hold
[Email protected] ~]# vi/usr/local/httpd/conf/extra/httpd-default.conf
KeepAlive on//Hold connection on (default on)
Maxkeepaliverequests 200//per connection request up to 200 files (default of 100)
KeepAliveTimeout 10//No response timeout kick offline time set 10 seconds (default 5 seconds)
Save exit
Three: Using Wireshark to capture the package verification
Before modifying configuration
After modifying the configuration
Validation successful
Part Four Apache optimization-version information hiding
One: Normal version display
Access http://192.168.80.10 under Win7
Grab the bag with Wireshark
Open the Packet
Display version Information
Two: Edit the configuration file
[Email protected] ~]# vi/etc/httpd.conf
Include conf/extra/httpd-default.conf//Remove the previous "#" to open the module
Save exit
[Email protected] ~]# cd/usr/local/httpd/conf/
[Email protected] conf]# VI extra/httpd-default.conf
Edit the following content:
Servertokens Prod
Serversignature off//server signing off
Save exit
[Email protected] conf]# service httpd restart
Three: Win7 under verification
Access http://192.168.80.10 under Win7
Open the Packet
Version information is hidden
Centos7.4-apache optimization Application One (keep the connection and version hidden)