HTTPD configuration: Examples and descriptions

The general website uses httpd as the Web server to provide the Web page, this article mainly introduces the next several httpd commonly used configuration attribute and the configuration method, certainly the concrete application more has the concrete demand to decide.

Agent Module Configuration:

Due to the Dynamic Web page, the generation of Web pages to the basic proxy to the back-end server, typically such as: Jetty, Tomcat (Jservlet series), IIS and so on. and Web servers need to deal with these.

A few of the more commonly used modules:

MOD_JK mod_proxy*

Here is an example of the following mod_proxy configuration:

<ifmodule mod_proxy.c>
    proxyrequests off
    proxypreservehost on
    <directory proxy:*>
        Order Deny,allow
        allow from all
    </Directory>
    proxypassmatch ^/(user)/(. *) $  http://localhost: ${wmmad_appserver_port} min=5 smax=16 ttl=600 timeout=100 proxypass/monitor/status http://localhost:${      Wmmad_appserver_port}/monitor/status.do
    Proxypass/monitor/default     http://localhost:${wmmad_appserver _port}/monitor/default.do
</IfModule>

Description

1. Open the agent

2. Configure access rights

3. Filter agent configuration, pay attention to not to say that some of the resources requested proxy to the backend server, because such as jetty these in the processing of static resources than httpd weak, only the need for dynamic access to the module is configured in the backend

Request Header configuration:

The general request header is not configured, but to the nearest Apche 0day attack, which can cause the service to hang out may need to use, for example:

<ifmodule mod_headers.c>
        Header set x-content-type-options "Nosniff"
        header set x-xss-protection "1; Mode=block "
</IfModule>

Virtual Host Configuration:

Sometimes we have to configure multiple virtual hosts, such as HTTP and HTTPS at the same time, to configure multiple virtual hosts, for example:

Namevirtualhost *:80
<virtualhost *:80>
    ServerName www.lpnote.net
    "DocumentRoot Deploy/htdocs "
    serverroot"/home/madding/output "
</VirtualHost>

namevirtualhost *:443
< VirtualHost *:443>
    include/home/madding/deploy/conf/httpd/mod_ssl.conf
    ServerName www.lpnote.net
    DocumentRoot "/home/madding/deploy/htdocs"
    serverroot "/home/madding/output"
</VirtualHost>

Open HTTP and HTTPS two virtual hosts

Rewrite module configuration:

Rewrite module is mainly for Apache access to some of the jump configuration, such as home jump configuration, as well as the proxy server outside the jump, for example:

<ifmodule mod_rewrite.c>
rewriteengine on
        rewriterule ^/(index.html?)? $   http://xxx/index.htm [L,R=301,QSA]
        rewriterule ^/images/(. *) http://xxx/images/$1 [L,R=301,QSA]
        Rewriterule ^/(Offer|member|company)/(. *) http://xxxx/$1/$2 [L,R=301,QSA]
        rewritecond%{http_user_agent} ^$|^ dsb.*$|^spider.net$|^adsblocker.*$|^real.*$|^mozilla/5\.0\s+sf.*$     rewriterule ^/.* http://127.0.0.1/[L, E=nolog:1]
        rewriterule ^/member/([a-za-z0-9_-]+) \.html$ http://xxxx/memberid-$1.html [R=301,L,NC]

</ Ifmodule>

Jump to a specific page when you visit the home page
Note that the two concepts of rewrite and proxy are distinguished.

Expiration Header configuration:

Expired headers are primarily used for server-side caching, such as images, styles, scripts, and so on, to reduce client requests, for example:

<ifmodule mod_expires.c>
    expiresactive on
    expiresdefault A0 expiresbytype image/gif A31536000
    expiresbytype image/jpeg A31536000
    Expiresbytype image/png A31536000
    expiresbytype text/css
    A2592000 expiresbytype text/js A2592000 Expiresbytype text/javascript A2592000
    expiresbytype application/javascript A2592000
    Application/x-javascript A2592000
    expiresbytype application/x-shockwave-flash A31536000
</ifmodule >

A represents an expiration time based on creation, and the type is defined in Apache MIME.

Log configuration:

Logs mainly include Apache error logs and access logs:

Error log, log level, and log output location, for example:

LogLevel error

ErrorLog  "|/sbin/cronolog  /home/madding/output/logs/apache/apache_error.log.%w"

This example mainly defines the log to be cronlog to the external catalog output, differentiated by day.

This log is mainly used to troubleshoot some error messages, generally less useful.

Access log, access log mainly includes log format and log output, for example, as follows:

Logformat "%h%{orig_client_ip}i%l%u%t \%m/%{host}i%u%q%h\"%>s%b%d \ "%{referer}i\" \ "%{user-agent}i\"   Cook Ie_log
customlog "|/sbin/cronolog/home/madding/output/logs/cookie_logs/%w/cookie_log" Cookie_log env=! Xxxlog

The first line defines an error log format, which includes information such as client address, time, access reference, and so on. You can refer to the Apache documentation specifically.

The second line defines the log output format, which is differentiated by day, and the log is not logged if it is a xxxlog-defined information, generally used for information filtering.

This log is a relatively important log that records all the access information and is useful for troubleshooting security issues, user behavior analysis.

This article describes some of the configurations that may be used for online deployment applications, and of course different Web server configurations are different,

All for reference