First look at the following configuration:
<virtualhost *:80>serveradmin [email protected] documentroot "D:/xampp/htdocs/wherein" ServerName www.shop_dev.com errorlog "Logs/wherein.com-error.log" customlog "Logs/wherein.com-access.log" common< Directory "D:/xampp/htdocs/wherein" > Options followsymlinks includesnoexec indexesdirectoryindex index.html index.htm index.phpallowoverride all Order deny,allow-Require all granted</directory></ Virtualhost>
serveradmin directive:
Syntax: ServerAdmin email-address| Url
Used to set the administrator email address included in the error message returned to the client by the server. It makes it easy for users to get in touch with the administrator when they receive the error message.
SERVERNAME directive:
Syntax: ServerName [scheme://] FQDN [:p ORT]
Used to set the host name and port number that the server uses to identify itself. Used primarily to create a redirect URL.
DocumentRoot directive:
Syntax: DocumentRoot directory-path
Used to set the directory in which HTTPD provides services. This is the folder at the entrance of your project.
ERRORLOG directive:
Syntax: Errorlog file-path
To set the file that logs the error log when the server encounters an error. If File-path is not an absolute path with/begins, it will be considered a relative path relative to ServerRoot.
Customlog directive:
Syntax: errorlog file-path Common
Sets the log file and indicates the format in which the log file is used (usually by the name of the format).
<directory directory path >...</Directory>
Set permissions for the primary directory or virtual directory.
Characteristics:
Options followsymlinks includesnoexec Indexes
Command |
Description |
Indexes |
Allow Directory browsing When the customer specifies only the directory to access, but does not specify which file in the directory to access, and the default document does not exist under the directory, Apache returns the list of files and subdirectories in the directory as hypertext (the virtual directory does not appear in the directory list) |
MultiViews |
Multi-emphasis graphs allowing content negotiation MultiViews is actually an intelligent feature of Apache. When a client accesses a nonexistent object in the directory, such as accessing "http://192.168.66.6/data/a", Apache looks for all the a.* files in that directory. Because the A.gif file exists under the data directory, Apache returns the A.gif file to the customer instead of returning an error message |
All |
All contains all features except MultiViews, and if there is no options statement, the default is all |
execcgi |
Allow CGI scripts to be executed under this directory |
FollowSymLinks |
You can use symbolic connections in this directory |
Includes |
Allow server-side include features |
IncludesNOEXEC |
Allow server-side include functionality, but disable execution of CGI scripts
|
Once the definition allows directory browsing, the Web site's folder and file name structure is exposed to hackers. Directory browsing also allows hackers to browse files and master server configuration information, so specifying this permission often poses a security risk. Unless you have sufficient reason to use directory browsing, you should disable it.
DirectoryIndex index.html index.htm index.php
Set the default file to enter after accessing the directory
AllowOverride All
Defines the type of instruction that is located in each directory. htaccess (access control) file. None to prohibit the use of. htaccess files
Order Deny,allow
Allow from all
Set Default access permissions and the order in which allow and deny statements are processed
Allow, deny: The default is to disallow access to all clients, and let statements are matched before the deny statement. If a condition matches both a deny statement and an allow statement, the Deny statement works (because the DENY statement overrides the Allow statement).
Deny, allow: All client access is allowed by default, and the DENY statement is matched before an allow statement. If a condition matches both a deny statement and an Allow statement, the Allow statement works (because the Allow statement overrides the Deny statement).
eg.
Order deny, Allowdeny from Baidu.comdeny from 192.168.66.6
Except for clients from the baidu.com domain and IP address 192.168.66.6, all clients are allowed access
Order deny, Allowallow from 192.168.66.6Deny to 192.168.66.1
Matches both the DENY statement and the Allow statement, allowing all clients to access the DENY statement because it overrides the
Order allow, denyallow from 192.168.66.6Deny to 192.168.66.1
Both the DENY statement and the Allow statement are matched, so all clients are prevented from accessing it because the DENY statement overrides the allowed statement
The httpd-vhosts.conf in Apache is detailed.