Home > Developer > Web Develop
Anti-theft chain is to prevent other people's website code inside the stolen server image, file, video and other related resources
Experimental environment| IP Address | Domain name | Use |
|---|---|---|
| 192.168.100.103 | Www.bt.com | SOURCE Host |
| 192.168.100.104 | Www.test.com | Hotlinking website |
[Email protected] ~]# chkconfig iptables off #随开机关闭iptables
[Email protected] ~]# Vim/etc/sysconfig/selinux
[email protected] ~]# reboot #重启生效
2. Uninstall to install httpd related package in RPM mode[Email protected] ~]# Rpm-qa | grep "httpd"
[email protected] ~]# Yum remove httpd #卸载httpd相关包
3. Build a DNS serverIf you don't have a friend for the above two services, check out my other posts for more information
http://blog.51cto.com/11905606/2156944
[Email protected] ~]# yum-y install gcc gcc-c++ make Zlib-devel #安装C语言编译器以及make
[Email protected] ~]# TAR-ZXVF apr-1.4.6.tar.gz-c/usr/src/
[Email protected] ~]# cd/usr/src/apr-1.4.6/
[[email protected] apr-1.4.6]#./configure prefix=/usr/local/apr && make && make install
[Email protected] ~]# TAR-ZXVF apr-util-1.4.1.tar.gz-c/usr/src/
[Email protected] ~]# CD/USR/SRC/APR-UTIL-1.4.1/
[Email protected] apr-util-1.4.1]#/configure prefix=/usr/local/apr-util--with-apr=/usr/local/apr && Make & amp;& make Install
[Email protected] ~]# TAR-ZXVF pcre-8.10.tar.gz-c/usr/src #支持正则
[Email protected] ~]# cd/usr/src/pcre-8.10/
[[email protected] pcre-8.10]#./configure prefix=/usr/local/pcre && make && make install
[Email protected] ~]# tar zxvf httpd-2.4.2.tar.gz-c/usr/src/
[Email protected] ~]# cd/usr/src/httpd-2.4.2/
[Email protected] httpd-2.4.2]#/configure \
--PREFIX=/USR/LOCAL/HTTPD \
--WITH-APR=/USR/LOCAL/APR \
--with-pcre=/usr/local/pcre \
--enable-deflate \
--ENABLE-SO \
--enable-rewrite \
--enable-charset-lite \
--enable-cgi
parameter resolution:Prefix: Specifying the installation directory
Enable-deflate: Enable Mod_deflate module
ENABLE-SO: Enable dynamic load module support, what functions are required to dynamically load
Enable-rewrite: Enable Web address rewriting to implement pseudo-static
Enable-charset-lite: Default Character Set
Enable-cgid: Enable Cgid
[[email protected] httpd-2.4.2]# make && make install #编译及编译安装
3. Adding system Services[Email protected] ~]# CP/USR/LOCAL/HTTPD/BIN/APACHECTL/ETC/INIT.D/HTTPD
[Email protected] ~]# VIM/ETC/INIT.D/HTTPD
lines 2nd, 32 add the following parameters:# chkconfig:2345 85 15
# Description:apache is a world Wide Web server.
[Email protected] init.d]# chmod +x/etc/init.d/httpd
[Email protected] init.d]# chkconfig--add httpd
[Email protected] ~]# mkdir-p/etc/httpd
[Email protected] ~]# ln-s/usr/local/httpd/conf//etc/httpd/#优化配置文件路径
[Email protected] ~]# ln-s/usr/local/httpd/bin/*/usr/local/bin/#优化命令路径
[Email protected] ~]# vim/etc/httpd/conf/httpd.conf
6. Start httpd ServiceModify the following parameters:ServerName www.bt.com:80 #填写完全主机名
Listen 192.168.100.103:80 #监听本地IP
[[Email protected] ~]# service httpd start
[Email protected] ~]# NETSTAT-ANPT | grep ': 80 '
[email protected] ~]# CP logo.jpg error.jpg/usr/local/httpd/htdocs/#将测试图片拷贝到http站点目录中
[Email protected] ~]# cd/usr/local/httpd/htdocs/#进入站点目录
[Email protected] htdocs]# vim index.html #编辑默认首页
2. Access test source host test page 3, test hotlinking website misappropriation source host picture?? <body>
???? ???? #首页添加图片
?? </body>
[Email protected] ~]# cd/usr/local/httpd/htdocs/#进入盗链主机站点目录
[Email protected] htdocs]# vim index.html #编辑默认首页
?? <body>
???? ???? #注意使用的源主机的图片地址
?? </body>
[Email protected] ~]# vim/etc/httpd/conf/httpd.conf #编辑主配置文件
LoadModule rewrite_module modules/mod_rewrite.so #约146行, turn on the rewrite function module
2. Restart HTTPD ServiceModify edit the following parameters about 213 linesDocumentRoot "/usr/local/httpd/htdocs"
Configuration Rule Variable Description:
<directory "/usr/local/httpd/htdocs" > #定义的站点目录
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
Rewriteengine on
Rewritecond% (http_referer)!^HTTP://BT.COM/.*$[NC]
Rewritecond% (http_referer)!^HTTP://BT.COM$[NC]
Rewritecond% (http_referer)!^HTTP://WWW.BT.COM/.*$[NC]
Rewritecond% (http_referer)!^HTTP://WWW.BT.COM$[NC]
Rewriterule. *. (gif|jpg|swf) $ http://www.bt.com/error.png
</Directory>(The picture in which directory, in which directory to do the special set of anti-theft chain)
Rule Matching Description:
%{http_referer}: Browse the Link field in the header to hold a linked URL that represents the link from which to access the desired page
!^: Do not start with the following string
. *$: End With any character
NC: Uppercase Not distinguished
R: Force JumpRewriteengine on: Open Web page rewriting feature
Rewritecond: Setting matching rules
Rewriterule: Set Jump action
Rule matching: If the value of the corresponding variable matches the rule set, it is processed down-by-down, and if it does not match, the subsequent rule no longer matches
[Email protected] ~]# httpd-t
[[email protected] ~]#/etc/init.d/httpd Restart # restart HTTPD service
[Email protected] ~]# apachectl-t-D dump_modules | grep ' rewrite '
[Email protected] ~]# vim/etc/httpd/conf/httpd.conf
Include conf/extra/httpd-default.conf #约477行, turn on default configuration
[Email protected] ~]# vim/etc/httpd/conf/extra/httpd-default.conf
4. Restart HTTPD ServiceServertokens Prod #约55行 The default parameter is to display all the full information and change the value to Prod (short message)
Serversignature off #约65行 default is off, the server version is turned off and the service is being served servername
[Email protected] ~]#/etc/init.d/httpd restart
5. Catch the package test againDetailed Apache configuration image anti-theft chain and hidden version information
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
