centos LAMP第二部分apache配置 下載discuz!配置第一個虛擬主機 安裝Discuz! 用戶認證 配置域名跳轉 配置apache的訪問日誌 配置靜態文件緩存 配置防盜鏈 訪問控制 apache rewrite 配置開機啓動apache tcpdump 第二十節課javascript
不管是apache 仍是nginx,都會有一個默認的虛擬主機 virtual hostphp
多個vhost均可以用同一個配置文件css
安裝兩個Apache,兩個apache能夠共存,可是要使用不一樣的端口html
主配置文件:/usr/local/apache2/conf/httpd.conf
虛擬主機配置文件:/usr/local/apache2/conf/extra/httpd-vhosts.conf前端
上半節課java
下載discuz!
配置第一個虛擬主機
安裝Discuz!
配置mysql,給Discuz!增長一個帳戶
Discuz設置注意事項
5. 用戶認證mysql
下半節課nginx
6. 配置域名跳轉
7. 配置apache的訪問日誌
8. 配置靜態文件緩存(其餘類型文件能夠到apache官方文檔裏面去搜)
9. 配置防盜鏈
10. 訪問控制(通常用在限制用戶登陸論壇後臺管理頁面)
11. apache rewrite相關web
tcpdumpajax
步驟
1. 下載discuz!
cd /download/
wget -c http://download.comsenz.com/DiscuzX/3.2/Discuz_X3.2_SC_GBK.zip
mkdir /data/www //放網站根目錄
cd /data/www
mv /download/Discuz_X3.2_SC_GBK.zip .
unzip Discuz_X3.2_SC_GBK.zip
mv upload/* . //把upload/目錄裏面的東西放到www目錄,即上一層目錄
cd ..
rm -rf Discuz_X3.2_SC_GBK.zip readme/ utility/ upload/ //把無用目錄刪掉
DiscuzX的包有兩種 一種是utf8 一種是gbk:DiscuzX/3.2/Discuz_X3.2_SC_GBK.zip
2. 配置第一個虛擬主機
刪除/usr/local/apache2/conf/httpd.conf中的這行前面的井號
#Include conf/extra/httpd-vhosts.conf
vi /usr/local/apache2/conf/extra/httpd-vhosts.conf
默認已經有兩個vhost,先刪除一個,再配置另外一個以下:
<VirtualHost *:80>
DocumentRoot "/data/www"
ServerName www.123.com
</VirtualHost>
示例解釋 <VirtualHost *:80> 28 ServerAdmin webmaster@dummy-host.example.com 管理員郵箱 29 DocumentRoot "/usr/local/apache2/docs/dummy-host.example.com" 網站根目錄 30 ServerName dummy-host.example.com 域名 31 ServerAlias www.dummy-host.example.com 另外一個域名 32 ErrorLog "logs/dummy-host.example.com-error_log" 日誌 33 CustomLog "logs/dummy-host.example.com-access_log" common 訪問日誌 34 </VirtualHost>
測試配置文件是否正常: /usr/local/apache2/bin/apachectl -t
檢查/usr/local/apache2/conf/httpd.conf裏面是否是Allow from all
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Allow from all
</Directory>
3. 安裝Discuz!
修改Windows機器的hosts文件,將Linux機器的ip跟www.123.com綁定:192.168.11.190 www.123.com
瀏覽器輸入:
www.123.com/install/
根據提示,修改對應目錄的權限
cd /data/www
chown -R daemon:daemon data uc_server/data uc_client/data config // 讓這幾個目錄支持apache運行賬號可寫
4. 配置mysql,給Discuz!增長一個帳戶
檢查mysql是否已經啓動:ps aux |grep mysql
將mysql 加入到PATH環境變量
在/etc/profile加入:export PATH=$PATH:/usr/local/mysql/bin ,而後source一下: source /etc/profile
給root指定一個密碼:mysqladmin -uroot password '123456'
給mysql root帳戶設置密碼,而後命令行進入mysql,建立新的庫,並建立一個新的賬號對該庫有全部權限:
> create database discuz;
> grant all on discuz.* to 'root'@'localhost' identified by '123456';
> quit
5. Discuz設置注意事項
一、論壇裏面的驗證碼要安裝php的gd模塊
二、管理中內心的install/index.php 要刪除
cd /data/www rm -f install/index.php
功能設置
5. 用戶認證
http://www.lishiming.net/thread-554-1-1.html
虛擬主機配置文件中,須要加入
<Directory /data/web/test>
AllowOverride AuthConfig
</Directory>
而後在虛擬主機的主目錄,即DocumentRoot 目錄下
vi /data/web/test/.htaccess
加入
AuthName "frank share web"
AuthType Basic
AuthUserFile /data/web/test/.htpasswd
require valid-user
保存後,而後
建立apache的驗證用戶
htpasswd -c /data/web/test/.htpasswd test
#第一次建立用戶要用到-c 參數 第2次添加用戶,就不用-c參數
若是你想修改密碼,能夠以下
htpasswd -m .htpasswd test2
重啓apache,便可。
到此,你已經配置完成。下面介紹另外一種方式:
##################################
vi http.conf
在相應的虛擬主機配置文件段,加入
<Directory *> 也能夠寫虛擬主機目錄路徑:<Directory /data/web/test>
AllowOverride AuthConfig
AuthName "自定義的"
AuthType Basic
AuthUserFile /data/.htpasswd # 這裏的/data/.htpasswd你能夠隨便寫一個路徑或名字,沒有限制
require valid-user
</Directory>
保存後,而後
建立apache的驗證用戶
htpasswd -cm /data/.htpasswd test
增長第二個用戶的時候,就不要加-c了,由於-c是建立的意思,若是加上會把這個文件重寫。
--MD5加密
/usr/local/apache2/bin/htpasswd -cm /data/.htpasswd aming
看一下第35行爲什麼報錯:vi +35 /usr/local/apache2/conf/extra/httpd-vhosts.conf
操做系統沒有GBK編碼,用的是utf8
discuz用的GBK版本
修改apache字符集
http://blog.chinaunix.net/uid-23078678-id-2974411.html
修改apache的配置文件httpd.conf
默認爲:AddDefaultCharset UTF-8
修改成:AddDefaultCharset GBK2312
而後重啓apache生效!
6. 配置域名跳轉
/usr/local/apache2/conf/extra/httpd-vhosts.conf
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www.domain1.com$
RewriteRule ^/(.*)$ http://www.domain2.com/$1 [R=301,L]
</IfModule>
若是是多個域名,能夠這樣設置:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www.domain.com [OR] //注意www.domain.com [OR] 之間有空格
RewriteCond %{HTTP_HOST} ^www.domain1.com$
RewriteRule ^/(.*)$ http://www.domain2.com/$1 [R=301,L]
</IfModule>
或者: <IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www.domain2.com$
RewriteRule ^/(.*)$ http://www.domain2.com/$1 [R=301,L]
</IfModule>
www.a.com跳轉到www.1.com
示例
vi /usr/local/apache2/conf/extra/httpd-vhosts.conf //添加
#配置域名跳轉 <IfModule mod_rewrite.c> RewriteEngine on //首先把引擎打開 RewriteCond %{HTTP_HOST} ^www.a.com$ //判斷條件 域名是www.a.com的時候 RewriteRule ^/(.*)$ http://www.1.com/$1 [R=301,L] //跳轉到www.1.com 302暫時跳轉 301永久跳轉 </IfModule>
7. 配置apache的訪問日誌
apache訪問日誌,日誌切割,歸檔 ,防止大文件爆滿,有4種log
日誌格式
/usr/local/apache2/conf/httpd.conf
<IfModule log_config_module> 243 # 244 # The following directives define some format nicknames for use with 245 # a CustomLog directive (see below). 246 # 247 LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined 248 LogFormat "%h %l %u %t \"%r\" %>s %b" common %h 遠程主機 %l 遠程主機登陸名稱 %u 認證用戶 %t 事件產生時間 %r 請求報文的第一行(方法、資源、版本號) %>s 最後一個請求對應的狀態嗎 %b 響應報文的大小 %Referer 從哪一個頁面來的,好比從百度來的 %user-Agent 客戶端瀏覽器類型
配置日誌
/usr/local/apache2/conf/extra/httpd-vhosts.conf
#配置日誌
ErrorLog "|/usr/local/apache2/bin/rotatelogs -l /usr/local/apache2/logs/oem.discuz.qq.com-error_%Y%m%d.log 86400" SetEnvIf Request_URI ".*\.gif$" image-request SetEnvIf Request_URI ".*\.jpg$" image-request SetEnvIf Request_URI ".*\.png$" image-request SetEnvIf Request_URI ".*\.bmp$" image-request SetEnvIf Request_URI ".*\.swf$" image-request SetEnvIf Request_URI ".*\.js$" image-request SetEnvIf Request_URI ".*\.css$" image-request CustomLog "|/usr/local/apache2/bin/rotatelogs -l /usr/local/apache2/logs/oem.discuz.qq.com-access_%Y%m%d.log 86400" combined env=!image-request //不記錄圖片請求日誌
配置完日誌後檢查語法
/usr/local/apache2/bin/apachectl -t
/usr/local/apache2/bin/apachectl restart
配置文件中下面這一段的意思是不記錄靜態文件訪問的日誌
*********************************
env=!image-request
SetEnvIf Request_URI ".*\.gif$" image-request 正則 .*任意個任意字符 \脫義. gif $結尾的
*********************************
#配置日誌 ErrorLog "|/usr/local/apache2/bin/rotatelogs -l /usr/local/apache2/logs/www.123.com-error_%Y%m%d.log 86400" SetEnvIf Request_URI ".*\.gif$" image-request SetEnvIf Request_URI ".*\.jpg$" image-request SetEnvIf Request_URI ".*\.png$" image-request SetEnvIf Request_URI ".*\.bmp$" image-request SetEnvIf Request_URI ".*\.swf$" image-request SetEnvIf Request_URI ".*\.js$" image-request SetEnvIf Request_URI ".*\.css$" image-request CustomLog "|/usr/local/apache2/bin/rotatelogs -l /usr/local/apache2/logs/www.123.com-access_%Y%m%d.log 86400" combined env=!image-request
8. 配置靜態文件緩存(其餘類型文件能夠到apache官方文檔裏面去搜)
/usr/local/apache2/conf/extra/httpd-vhosts.conf
# 配置靜態文件緩存
<IfModule mod_expires.c> ExpiresActive on ExpiresByType image/gif "access plus 1 days" ExpiresByType image/jpeg "access plus 24 hours" ExpiresByType image/png "access plus 24 hours" ExpiresByType text/css "now plus 2 hour" ExpiresByType application/x-javascript "now plus 2 hours" ExpiresByType application/javascript "now plus 2 hours" ExpiresByType application/x-shockwave-flash "now plus 2 hours" ExpiresDefault "now plus 0 min" </IfModule>
或者使用mod_headers模塊實現
<ifmodule mod_headers.c> # htm,html,txt類的文件緩存一個小時 <filesmatch "\.(html|htm|txt)$"> header set cache-control "max-age=3600" </filesmatch> # css, js, swf類的文件緩存一個星期 <filesmatch "\.(css|js|swf)$"> header set cache-control "max-age=604800" </filesmatch> # jpg,gif,jpeg,png,ico,flv,pdf等文件緩存一年 <filesmatch "\.(ico|gif|jpg|jpeg|png|flv|pdf)$"> header set cache-control "max-age=29030400" </filesmatch> </ifmodule>
配置完靜態文件緩存後檢查語法
/usr/local/apache2/bin/apachectl -t
/usr/local/apache2/bin/apachectl restart
在網站根目錄下建立一個jpg文件進行測試
瀏覽器
應用
/usr/local/apache2/bin/apachectl -t /usr/local/apache2/bin/apachectl restart touch /data/www/1.jpeg curl -x127.0.0.1:80 www.123.com/1.jpeg -I HTTP/1.1 200 OK Date: Tue, 20 Oct 2015 17:35:41 GMT Server: Apache/2.2.27 (Unix) DAV/2 PHP/5.3.28 Last-Modified: Tue, 20 Oct 2015 17:34:51 GMT ETag: "e35a8-0-5228cadd9f7c1" Accept-Ranges: bytes Cache-Control: max-age=86400 Expires: Wed, 21 Oct 2015 17:35:41 GMT Content-Type: image/jpeg
9. 配置防盜鏈
/usr/local/apache2/conf/extra/httpd-vhosts.conf
SetEnvIfNoCase Referer "^http://.*\.yourdomin\.com" local_ref
SetEnvIfNoCase Referer ".*\.yourdomin\.com" local_ref
SetEnvIfNoCase Referer "^$" local_ref
<filesmatch "\.(txt|doc|mp3|zip|rar|jpg|gif)">
Order Allow,Deny
Allow from env=local_ref
</filesmatch>
# 配置防盜鏈 SetEnvIfNoCase Referer "^http://www.1.com" local_ref SetEnvIfNoCase Referer "www.a.com" local_ref SetEnvIfNoCase Referer "www.b.com" local_ref SetEnvIfNoCase Referer "^$" local_ref <filesmatch "\.(txt|doc|mp3|zip|rar|jpg|gif)"> Order Allow,Deny Allow from env=local_ref //local_ref是配置的別名,容許local_ref配置裏面的內容 </filesmatch>
測試
/usr/local/apache2/bin/apachectl -t
/usr/local/apache2/bin/apachectl restart
curl -e "http://www.baidu.com/sdfsdf" -x127.0.0.1:80 www.1.com/1.txt -I
或者不加-e
curl -x127.0.0.1:80 www.1.com/1.txt -I
能夠看vhost的訪問日誌
應用
# 配置防盜鏈 53 SetEnvIfNoCase Referer "^http://www.123.com" local_ref 54 SetEnvIfNoCase Referer "^$" local_ref 55 <filesmatch "\.(txt|doc|mp3|zip|rar|jpg|gif)"> 56 Order Allow,Deny 57 Allow from env=local_ref 58 </filesmatch> ------------------------------------------------------ # touch /data/www/1.txt # curl -e "http://www.baidu.com/sdfsdf" -x127.0.0.1:80 www.123.com/1.txt -I HTTP/1.1 403 Forbidden Date: Tue, 20 Oct 2015 17:45:49 GMT Server: Apache/2.2.27 (Unix) DAV/2 PHP/5.3.28 Content-Type: text/html; charset=iso-8859-1 # curl -x127.0.0.1:80 www.123.com/1.txt -I HTTP/1.1 200 OK Date: Tue, 20 Oct 2015 17:46:21 GMT Server: Apache/2.2.27 (Unix) DAV/2 PHP/5.3.28 Last-Modified: Tue, 20 Oct 2015 17:45:27 GMT ETag: "e35ae-0-5228cd3cca4c1" Accept-Ranges: bytes Cache-Control: max-age=0 Expires: Tue, 20 Oct 2015 17:46:21 GMT Content-Type: text/plain
立刻產生errorlog
# tail www.123.com-error_20151021.log [Wed Oct 21 01:35:23 2015] [error] [client 127.0.0.1] File does not exist: /data/www/1jpeg [Wed Oct 21 01:45:49 2015] [error] [client 127.0.0.1] client denied by server configuration: /data/www/1.txt, referer: http://www.baidu.com/sdfsdf
10. 訪問控制(通常用在限制用戶登陸論壇後臺管理頁面)
/usr/local/apache2/conf/extra/httpd-vhosts.conf
# 訪問控制 <Directory /data/www/admin> //通常只對很是重要的網站後臺管理目錄作限制 Order deny,allow Deny from all Allow from 127.0.0.1 </Directory>
測試
/usr/local/apache2/bin/apachectl -t
/usr/local/apache2/bin/apachectl restart
curl -x127.0.0.1:80 www.1.com/1.txt -I
參考文檔來源: http://jingyan.baidu.com/article/4b07be3c193d1648b380f3a9.html
<Files ~ "\.insc$">等價於<Filesmatch (.*)php>
1. 禁止訪問某些文件/目錄
增長Files選項來控制,好比要不容許訪問 .inc 擴展名的文件,保護php類庫:
<Files ~ "\.insc$">
2. 禁止訪問某些指定的目錄:(能夠用 <DirectoryMatch> 來進行正則匹配)
<Directory ~ "/var/www/(.+)*[0-9]{3}">
固然也能夠寫目錄全局路徑
<Directory /var/www/111>
3. 經過文件匹配來進行禁止,好比禁止全部針對圖片的訪問:
<Filesmatch (.*)php>
4. 針對URL相對路徑的禁止訪問
<Location /dir/>
<Directory /data/www/admin>
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Directory>
針對請求的uri去限制
<filesmatch "(.*)admin(.*)">
Order deny,allow
Deny from all
Allow from 127.0.0.1
</filesmatch>
某個目錄下禁止解析php
<Directory /data/www/path>
php_admin_flag engine off
<filesmatch "(.*)php">
Order deny,allow
Deny from all
Allow from 127.0.0.1
</filesmatch>
</Directory>
主配置文件裏有這麼一段:/usr/local/apache2/conf/httpd.conf
找了半天終於找到了問題的根源,實際上是配置對了,只是咱們訪問的有點問題。
咱們訪問的地址是1.txt ,而在配置文件中咱們有配置一段防盜鏈
針對1.txt referer是空或者是1.com 都會直接容許訪問,問題就在這裏。當我再次訪問 forum.php的時候 效果達到了。
應用
<Directory /data/www> //只對網站後臺管理頁面進行控制 <filesmatch "admin.php"> Order deny,allow Deny from all Allow from 127.0.0.1 </filesmatch> </Directory>
匹配
http://www.1.com/admin/admin.phpsdfsdfsdf
http://www.1.com/admin.phpwerewrwerwer
http://www.1.com/ewfwewefadmin.phpwerewrwerwer
<Directory /data/www/admin.php> Order deny,allow Deny from all Allow from 127.0.0.1 </Directory>
匹配
http://www.1.com/admin.php
#某個目錄下禁止解析php <Directory /data/www/uc_server> php_admin_flag engine off <filesmatch "(.*)php"> Order deny,allow Deny from all </filesmatch> </Directory>
應用
<Directory /data/www> <filesmatch "admin.php"> Order deny,allow Deny from all Allow from 192.168.0.100 Allow from 192.168.0.101 </filesmatch> </Directory>
非上面兩個ip的都不行
11. apache rewrite相關
RewriteCond 重寫條件
RewriteRule 重寫規則
[R=302]臨時跳轉 rewrite
[R=301]永久跳轉 rewrite
僞靜態就是你訪問一個動態頁面的時候URL是一串動態的字符,而配置了僞靜態以後URL變爲靜態,跟rewrite域名跳轉不同
apache 限制指定user_agent http://www.lishiming.net/thread-1033-1-1.html
apache 限制某些目錄不能訪問經過rewrite實現 http://www.lishiming.net/thread-3587-1-1.html
apache rewrite 出現死循環 http://www.lishiming.net/thread-1043-1-1.html
apache rewrite 出現死循環
網站夜間升級 ,所有頁面跳轉到網站公告頁面
除了公告頁面不跳轉,不然會出現死循環,公告頁面跳入公告頁面
discuz僞靜態配置:
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/topic-(.+)\.html$ /portal.php?mod=topic&topic=$1&%1
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/article-([0-9]+)-([0-9]+)\.html$ /portal.php?mod=view&aid=$1&page=$2&%1
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/forum-(\w+)-([0-9]+)\.html$ /forum.php?mod=forumdisplay&fid=$1&page=$2&%1
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/thread-([0-9]+)-([0-9]+)-([0-9]+)\.html$ /forum.php?mod=viewthread&tid=$1&extra=page\%3D$3&page=$2&%1
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/group-([0-9]+)-([0-9]+)\.html$ /forum.php?mod=group&fid=$1&page=$2&%1
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/space-(username|uid)-(.+)\.html$ /home.php?mod=space&$1=$2&%1
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/blog-([0-9]+)-([0-9]+)\.html$ /home.php?mod=space&uid=$1&do=blog&id=$2&%1
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/archiver/(fid|tid)-([0-9]+)\.html$ /archiver/index.php?action=$1&value=$2&%1
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/([a-z]+[a-z0-9_]*)-([a-z0-9_\-]+)\.html$ /plugin.php?id=$1:$2&%1
應用
將下面的代碼放在域名跳轉下面
RewriteCond %{QUERY_STRING} ^(.*)$ RewriteRule ^/topic-(.+)\.html$ /portal.php?mod=topic&topic=$1&%1 RewriteCond %{QUERY_STRING} ^(.*)$ RewriteRule ^/article-([0-9]+)-([0-9]+)\.html$ /portal.php?mod=view&aid=$1&page=$2&%1 RewriteCond %{QUERY_STRING} ^(.*)$ RewriteRule ^/forum-(\w+)-([0-9]+)\.html$ /forum.php?mod=forumdisplay&fid=$1&page=$2&%1 RewriteCond %{QUERY_STRING} ^(.*)$ RewriteRule ^/thread-([0-9]+)-([0-9]+)-([0-9]+)\.html$ /forum.php?mod=viewthread&tid=$1&extra=page\%3D$3&page=$2&%1 RewriteCond %{QUERY_STRING} ^(.*)$ RewriteRule ^/group-([0-9]+)-([0-9]+)\.html$ /forum.php?mod=group&fid=$1&page=$2&%1 RewriteCond %{QUERY_STRING} ^(.*)$ RewriteRule ^/space-(username|uid)-(.+)\.html$ /home.php?mod=space&$1=$2&%1 RewriteCond %{QUERY_STRING} ^(.*)$ RewriteRule ^/blog-([0-9]+)-([0-9]+)\.html$ /home.php?mod=space&uid=$1&do=blog&id=$2&%1 RewriteCond %{QUERY_STRING} ^(.*)$ RewriteRule ^/archiver/(fid|tid)-([0-9]+)\.html$ /archiver/index.php?action=$1&value=$2&%1 RewriteCond %{QUERY_STRING} ^(.*)$ RewriteRule ^/([a-z]+[a-z0-9_]*)-([a-z0-9_\-]+)\.html$ /plugin.php?id=$1:$2&%1
vhost下面加功能
多個vhost對應多個端口
# 19 NameVirtualHost *:80 //多個vhost寫多個端口 20 NameVirtualHost *:8080 21 # 22 # VirtualHost example: 23 # Almost any Apache directive may go into a VirtualHost container. 24 # The first VirtualHost section is used for all requests that do not 25 # match a ServerName or ServerAlias in any <VirtualHost> block. 26 # 27 <VirtualHost *:80> 28 ServerAdmin webmaster@dummy-host.example.com 29 DocumentRoot "/usr/local/apache2/docs/dummy-host.example.com" 30 ServerName dummy-host.example.com 31 ServerAlias www.dummy-host.example.com 32 ErrorLog "logs/dummy-host.example.com-error_log" 33 CustomLog "logs/dummy-host.example.com-access_log" common 34 </VirtualHost> 35 36 <VirtualHost *:80> 37 ServerAdmin webmaster@dummy-host2.example.com 38 DocumentRoot "/usr/local/apache2/docs/dummy-host2.example.com" 39 ServerName dummy-host2.example.com
curl的瀏覽器標識 user-agent
http://www.jbxue.com/article/10287.html
今天學習使用apache系統自帶的rotatelogs工具對日誌進行截斷處理。
一,修改文件httpd.conf
注意:如下日誌文件存儲路徑均爲絕對路徑。
複製代碼 代碼示例:
CustomLog "logs/access.log" common 原來的樣子
ErrorLog "logs/error.log"原來的樣子
CustomLog "|bin/rotatelogs /var/logs/logfile 86400" common 修改後的樣子
CustomLog "|bin/rotatelogs /var/logs/logfile 5M" common 修改後的樣子
ErrorLog "|bin/rotatelogs /var/logs/errorlog.%Y-%m-%d-%H_%M_%S 5M"
二,重啓apache服務,在指定的日誌目錄中驗證。
三:語法分析
rotatelogs [ -l ] logfile [ rotationtime [ offset ]] | [ filesizeM ]
該命令其實只有兩種選項用以對日誌文件logfile進行操做。且必須選擇其中一種方式。
第一種,rotationtime
日誌文件以秒爲單位滾動
第二種, filesizeM
指定以filesizeM文件大小滾動,而不是按照時間或時差滾動
舉例:ErrorLog "|bin/rotatelogs /var/logs/errorlog.%Y-%m-%d-%H_%M_%S 5M"
此配置會在錯誤日誌大小增加到5兆字節時滾動該日誌,日誌文件名後綴會按照以下格式建立:errorlog.YYYY-mm-dd-HH_MM_SS 。
選項 -l 和offset都是和時區相關的。
四:文件名稱格式
errorlog.%Y-%m-%d-%H_%M_%S-------------------errorlog.YYYY-mm-dd-HH_MM_SS
%A 星期名全稱(本地的)
%a 3個字符的星期名(本地的)
%B 月份名的全稱(本地的)
%b 3個字符的月份名(本地的)
%c 日期和時間(本地的)
%d 2位數的一個月中的日期數
%H 2位數的小時數(24小時制)
%I 2位數的小時數(12小時制)
%j 3位數的一年中的日期數
%M 2位數的分鐘數
%m 2位數的月份數
%p am/pm12小時制的上下午(本地的)
%S 2位數的秒數
%U 2位數的一年中的星期數(星期天爲一週的第一天)
%W 2位數的一年中的星期數(星期一爲一週的第一天)
%w 1位數的星期幾(星期天爲一週的第一天)
%X 時間(本地的)
%x 日期(本地的)
%Y 4位數的年份
%y 2位數的年份
%Z 時區名
%% 符號"%"自己
接下來介紹,按日期生成apache日誌文件及限制apache日誌文件大小的方法。
須要用到apache自帶的rotatelogs小工具
語法以下:
rotatelogs [ -l ] logfile [ rotationtime [ offset ]] | [ filesizeM ]
參數解釋:
-l :使用本地時間代替GMT時間做爲時間基準。注意:在一個改變GMT偏移量(好比夏令時)的環境中使用-l會致使不可預料的結果。
logfile:它加上基準名就是日誌文件名。若是logfile中包含"%",則它會被視爲用於strftime()的格式字符串;不然它會被自動加上以秒爲單位的".nnnnnnnnnn"後綴。
這兩種格式都表示新的日誌開始使用的時間。
rotationtime :日誌文件滾動的以秒爲單位的間隔時間。
offset :相對於UTC的時差的分鐘數。若是省略,則假定爲"0"並使用UTC時間。好比,要指定UTC時差爲"-5小時"的地區的當地時間,則此參數
應爲"-300"。
filesizeM :指定以filesizeM文件大小滾動,而不是按照時間或時差滾動。
例子:
一、按時間滾動日誌文件:
錯誤日誌:
ErrorLog "|/data/apache/bin/rotatelogs 日誌存放目錄/%Y%m%d_error.log 86400 480"
訪問日誌:
CustomLog "|/data/apache/bin/rotatelogs 日誌存放目錄/%Y%m%d_access.log 86400 480" common
其中:
/data/apache:爲apache的安裝目錄,根據本身實際狀況肯定;
86400:秒,24小時,表示生成的日誌文件按天滾動,也就是天天生成一個日誌文件;
480:分,時間偏移。
同理能夠按小時滾動日誌文件,每隔一個小時,幾個小時。。。生成一個日誌文件。
擴展:能夠寫個腳本定時刪除日誌文件,只保留幾天的日誌,若是網站訪問量比較大,一天會生成幾十上百M甚至更大的日誌文件,既佔硬盤又影響服務器性能。
二、按大小滾動日誌文件:
錯誤日誌:
ErrorLog "|/data/apache/bin/rotatelogs -l 日誌存放目錄/%Y%m%d_error.log 5M"
訪問日誌:
CustomLog "|/data/apache/bin/rotatelogs -l 日誌存放目錄/%Y%m%d_access.log 5M" common
當日志文件達到5M時,滾動該日誌文件。
另外,說下apache日誌管理的相關知識。
web服務器日誌滾動的方法,經常使用的有以下三種:
1,利用Linux系統自身的日誌文件輪循機制:logrotate;
2,利用apache自帶的日誌輪循程序rotatelogs;
3,使用在apache的FAQ中推薦發展已經比較成熟的一個日誌輪循工具cronolog。
這裏介紹下apache自帶的日誌滾動程序rotatelogs,並用shell腳本按期刪除日誌文件,只保留近3天的文件,以避免日誌文件佔滿磁盤空間。
修改apache服務器的主配置文件httpd.conf,找到如下內容,並修改爲:
ErrorLog /var/log/httpd/error_log CustomLog "|/usr/local/apache2/bin/rotatelogs /var/log/httpd/access_log 86400 400M" combined
86400 ---日誌滾動的時間是一天
400---日誌文件最大400M就滾動
combined ---採用複合格式
而後,創建清除日誌文件的shell腳本,文件名爲clean_log
#! /bin/bash logdir=/var/log/httpd cd ${logdir} declare -i filesum=`ls access_log.* | wc -l` declare -i delnum=$filesum-3 if [ "${delnum}" -ge 1 ];then rm -rf `ls -tr access_log.* | head -${delnum}` fi
#加上執行權限
chmod 755 clean_log
保留最近3天的日誌文件。
建立自動化任務:
01 04 * * * /usr/local/crontab/clean_log
PHP的擴展庫
GD圖片處理庫
修改目錄權限
根據提示,修改對應目錄的權限
cd /data/www
chown -R daemon:daemon data uc_server/data uc_client/data config // 讓這幾個目錄支持apache運行賬號可寫
配置開機啓動apache
echo '/usr/local/apache2/bin/apachectl start'>>/etc/rc.local
注意:不能使用/etc/init.d/httpd的方式!
還有虛擬機安裝了兩個httpd,一個rpm版本,一個編譯安裝版,致使修改了vhosts配置文件以後,執行apachectl -restart的時候新修改的內容不生效
解決辦法是刪除rpm版本的httpd
rpm -qa |grep httpd
rpm -e httpd-2.2.15-39.el6.centos.x86_64
rpm -qa |grep httpd
http://www.apelearn.com/bbs/thread-9146-1-1.html
編譯安裝安裝方式不支持將apachectl放入/etc/init.d/httpd
RPM包方式才支持將apachectl放入/etc/init.d/httpd
tcpdump抓包
tcpdump -nn -i eth1 -s 0 host 192.168.0.100 and dst port 80 and dst 192.168.0.106 //由於只顯示目標端口和目標ip因此單向
listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes
06:44:35.903095 IP 192.168.0.100.61934 > 192.168.0.106.80: Flags [S], seq 1723280863, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
06:44:35.905358 IP 192.168.0.100.61934 > 192.168.0.106.80: Flags [.], ack 3341746770, win 16425, length 0
06:44:35.905378 IP 192.168.0.100.61934 > 192.168.0.106.80: Flags [P.], seq 0:1163, ack 1, win 16425, length 1163
06:44:35.967826 IP 192.168.0.100.61934 > 192.168.0.106.80: Flags [.], ack 2921, win 16425, length 0
06:44:35.968025 IP 192.168.0.100.61934 > 192.168.0.106.80: Flags [.], ack 5841, win 16425, length 0
06:44:35.968165 IP 192.168.0.100.61934 > 192.168.0.106.80: Flags [.], ack 8761, win 16425, length 0
06:44:35.968295 IP 192.168.0.100.61934 > 192.168.0.106.80: Flags [.], ack 11681, win 16425, length 0
06:44:35.968466 IP 192.168.0.100.61934 > 192.168.0.106.80: Flags [.], ack 14601, win 16425, length 0
06:44:35.968693 IP 192.168.0.100.61934 > 192.168.0.106.80: Flags [.], ack 16254, win 16425, length 0
06:44:36.016064 IP 192.168.0.100.61934 > 192.168.0.106.80: Flags [P.], seq 1163:2416, ack 16259, win 16423, length 1253
點擊一下默認板塊產生不少包
# tcpdump -nn -i eth1 -s 0 tcp and port 80 and host 192.168.0.100 and host 192.168.0.106 //指定了端口通常也要指定協議 由於兩個都是host因此會顯示雙向
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes
06:55:33.624605 IP 192.168.0.100.62324 > 192.168.0.106.80: Flags [S], seq 1337810073, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
06:55:33.624658 IP 192.168.0.106.80 > 192.168.0.100.62324: Flags [S.], seq 3180963847, ack 1337810074, win 14600, options [mss 1460,nop,nop,sackOK,nop,wscale 6], length 0
06:55:33.625110 IP 192.168.0.100.62324 > 192.168.0.106.80: Flags [.], ack 1, win 16425, length 0
06:55:33.625122 IP 192.168.0.100.62324 > 192.168.0.106.80: Flags [P.], seq 1:1149, ack 1, win 16425, length 1148
06:55:33.625162 IP 192.168.0.106.80 > 192.168.0.100.62324: Flags [.], ack 1149, win 264, length 0
06:55:33.684537 IP 192.168.0.106.80 > 192.168.0.100.62324: Flags [.], seq 1:2921, ack 1149, win 264, length 2920
06:55:33.684796 IP 192.168.0.100.62324 > 192.168.0.106.80: Flags [.], ack 2921, win 16425, length 0
06:55:33.684886 IP 192.168.0.106.80 > 192.168.0.100.62324: Flags [.], seq 2921:5841, ack 1149, win 264, length 2920
06:55:33.685506 IP 192.168.0.100.62324 > 192.168.0.106.80: Flags [.], ack 5841, win 16425, length 0
06:55:33.685576 IP 192.168.0.106.80 > 192.168.0.100.62324: Flags [.], seq 5841:8761, ack 1149, win 264, length 2920
06:55:33.685782 IP 192.168.0.100.62324 > 192.168.0.106.80: Flags [.], ack 8761, win 16425, length 0
06:55:33.687586 IP 192.168.0.106.80 > 192.168.0.100.62324: Flags [.], seq 8761:11681, ack 1149, win 264, length 2920
httpd的訪問日誌
C:\Users\Name\Desktop\apache 2015-10-26 logs\access_log 127.0.0.1 - - [12/Oct/2015:13:35:03 +0800] "GET /1.php HTTP/1.1" 200 26 192.168.0.101 - - [12/Oct/2015:13:35:43 +0800] "GET /favicon.ico HTTP/1.1" 404 209 192.168.0.101 - - [12/Oct/2015:13:35:44 +0800] "GET /1.php HTTP/1.1" 200 26 192.168.0.101 - - [12/Oct/2015:13:35:44 +0800] "GET /1.php HTTP/1.1" 200 26 127.0.0.1 - - [12/Oct/2015:13:38:53 +0800] "GET /1.php HTTP/1.1" 200 51497 192.168.0.101 - - [12/Oct/2015:13:39:01 +0800] "GET /1.php HTTP/1.1" 200 52807 192.168.0.101 - - [12/Oct/2015:13:39:01 +0800] "GET /1.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2524 192.168.0.101 - - [12/Oct/2015:13:39:01 +0800] "GET /1.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2146 192.168.0.101 - - [12/Oct/2015:13:39:02 +0800] "GET /favicon.ico HTTP/1.1" 404 209 127.0.0.1 - - [12/Oct/2015:13:39:18 +0800] "OPTIONS * HTTP/1.0" 200 - 127.0.0.1 - - [12/Oct/2015:13:39:19 +0800] "OPTIONS * HTTP/1.0" 200 - 192.168.0.101 - - [21/Oct/2015:00:13:53 +0800] "GET /install/ HTTP/1.1" 200 7268 192.168.0.101 - - [21/Oct/2015:00:13:54 +0800] "GET /install/images/bg_footer.gif HTTP/1.1" 200 116 192.168.0.101 - - [21/Oct/2015:00:14:03 +0800] "GET /install/index.php?step=1&uchidden=&submit=%CE%D2%CD%AC%D2%E2 HTTP/1.1" 200 5723 192.168.0.101 - - [21/Oct/2015:00:14:03 +0800] "GET /install/images/bg_stepstatus.gif HTTP/1.1" 200 259 192.168.0.101 - - [21/Oct/2015:00:14:03 +0800] "GET /install/images/stepnum.gif HTTP/1.1" 200 2632 127.0.0.1 - - [21/Oct/2015:00:14:11 +0800] "OPTIONS * HTTP/1.0" 200 - 127.0.0.1 - - [21/Oct/2015:00:14:12 +0800] "OPTIONS * HTTP/1.0" 200 - 192.168.0.101 - - [21/Oct/2015:00:15:19 +0800] "POST /install/index.php HTTP/1.1" 200 3455 192.168.0.101 - - [21/Oct/2015:00:15:25 +0800] "POST /install/index.php HTTP/1.1" 302 - 192.168.0.101 - - [21/Oct/2015:00:15:25 +0800] "GET /install/index.php?step=3&install_ucenter=yes HTTP/1.1" 200 3524 192.168.0.101 - - [21/Oct/2015:00:18:46 +0800] "-" 408 - 127.0.0.1 - - [21/Oct/2015:00:18:46 +0800] "OPTIONS * HTTP/1.0" 200 - 192.168.0.101 - - [21/Oct/2015:00:25:32 +0800] "POST /install/index.php HTTP/1.1" 200 32719 192.168.0.101 - - [21/Oct/2015:00:25:39 +0800] "GET /misc.php?mod=initsys HTTP/1.1" 200 - 192.168.0.101 - - [21/Oct/2015:00:25:46 +0800] "GET /install/index.php?method=ext_info HTTP/1.1" 200 1267 192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET / HTTP/1.1" 301 - 192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET /forum.php HTTP/1.1" 200 12593 192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET /data/cache/style_1_forum_index.css?pss HTTP/1.1" 200 3665 192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET /data/cache/style_1_common.css?pss HTTP/1.1" 200 69562 192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET /data/cache/style_1_widthauto.css?pss HTTP/1.1" 200 1483 192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET /static/js/common.js?pss HTTP/1.1" 200 63289 192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET /static/js/forum.js?pss HTTP/1.1" 200 22720 192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET /static/js/logging.js?pss HTTP/1.1" 200 603 192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET /static/image/common/search.png HTTP/1.1" 200 1301 192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET /static/image/common/nv.png HTTP/1.1" 200 1939 192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET /static/image/common/nv_a.png HTTP/1.1" 200 2076 192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET /home.php?mod=misc&ac=sendmail&rand=1445358368 HTTP/1.1" 200 - 192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET /static/image/common/scrolltop.png HTTP/1.1" 200 1383 127.0.0.1 - - [21/Oct/2015:00:26:16 +0800] "OPTIONS * HTTP/1.0" 200 - 192.168.0.101 - - [21/Oct/2015:00:26:29 +0800] "GET /static/js/ajax.js?pss HTTP/1.1" 200 7835 192.168.0.101 - - [21/Oct/2015:00:26:29 +0800] "POST /member.php?mod=logging&action=login&loginsubmit=yes&infloat=yes&lssubmit=yes&inajax=1 HTTP/1.1" 200 396 192.168.0.101 - - [21/Oct/2015:00:26:30 +0800] "GET /member.php?mod=logging&action=login&auth=29daT789VZ8C8zjE0ImpSpwPwzApkK2NKDrzbc6qlNvfyAN112%2FCRomzwA&referer=http%3A%2F%2Fwww.123.com%2Fforum.php&infloat=yes&handlekey=login&inajax=1&ajaxtarget=fwin_content_login HTTP/1.1" 200 3747 192.168.0.101 - - [21/Oct/2015:00:26:30 +0800] "GET /static/js/common_extra.js?pss HTTP/1.1" 200 46875 192.168.0.101 - - [21/Oct/2015:00:26:30 +0800] "GET /static/image/common/cls.gif HTTP/1.1" 200 526 192.168.0.101 - - [21/Oct/2015:00:26:30 +0800] "GET /static/image/common/right.gif HTTP/1.1" 200 678 192.168.0.101 - - [21/Oct/2015:00:26:30 +0800] "GET /misc.php?mod=seccode&action=update&idhash=cSAnX92XB&0.24064634722004718&modid=member::logging HTTP/1.1" 200 1528 192.168.0.101 - - [21/Oct/2015:00:26:30 +0800] "GET /static/image/common/none.gif HTTP/1.1" 200 43 192.168.0.101 - - [21/Oct/2015:00:26:30 +0800] "GET /misc.php?mod=seccode&update=40780&idhash=cSAnX92XB HTTP/1.1" 200 158 192.168.0.101 - - [21/Oct/2015:00:26:36 +0800] "GET /static/image/common/loading.gif HTTP/1.1" 200 875 192.168.0.101 - - [21/Oct/2015:00:26:36 +0800] "GET /misc.php?mod=seccode&action=check&inajax=1&modid=member::logging&idhash=cSAnX92XB&secverify=ctcj HTTP/1.1" 200 70 192.168.0.101 - - [21/Oct/2015:00:26:36 +0800] "GET /static/image/common/check_right.gif HTTP/1.1" 200 296 00 - 192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /static/image/common/refresh.png HTTP/1.1" 200 1074 192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /home.php?mod=misc&ac=sendmail&rand=1445358408 HTTP/1.1" 200 - 192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /data/cache/common_smilies_var.js?pss HTTP/1.1" 200 3400 192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /home.php?mod=spacecp&ac=pm&op=checknewpm&rand=1445358408 HTTP/1.1" 200 - 192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /static/image/common/swfupload.swf?preventswfcaching=1445765216946 HTTP/1.1" 200 13536 192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /misc.php?mod=seccode&action=update&idhash=cSLszz2X&0.721008357087331&modid=forum::forumdisplay HTTP/1.1" 200 1519 192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /static/image/smiley/default/shutup.gif HTTP/1.1" 200 2500 192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /static/image/smiley/default/sleepy.gif HTTP/1.1" 200 2375 192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /static/image/smiley/default/hug.gif HTTP/1.1" 200 1054 192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /static/image/smiley/default/victory.gif HTTP/1.1" 200 1275 192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /static/image/smiley/default/time.gif HTTP/1.1" 200 687 192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /static/image/smiley/default/kiss.gif HTTP/1.1" 200 987 192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /static/image/smiley/default/handshake.gif HTTP/1.1" 200 1322 192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /static/image/smiley/default/call.gif HTTP/1.1" 200 603 192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /misc.php?mod=patch&action=checkpatch&rand=1445358408 HTTP/1.1" 200 - 192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /static/image/common/folder_new.gif HTTP/1.1" 200 235 192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /static/image/common/pollsmall.gif HTTP/1.1" 200 600 192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /misc.php?mod=seccode&update=62355&idhash=cSLszz2X HTTP/1.1" 200 158 192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /misc.php?mod=patch&action=ipnotice&_r=0.15455305205052006&inajax=1&ajaxtarget=ip_notice HTTP/1.1" 200 63 192.168.0.101 - - [21/Oct/2015:00:26:50 +0800] "GET /static/image/common/uploadbutton_small.png HTTP/1.1" 200 690 192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /misc.php?mod=patch&action=pluginnotice&inajax=1&ajaxtarget=plugin_notice HTTP/1.1" 200 63 192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /data/cache/style_1_forum_post.css?pss HTTP/1.1" 200 7059 192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /static/image/hrline/line5.png HTTP/1.1" 200 528 192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /static/image/hrline/0.gif HTTP/1.1" 200 1013 192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /static/image/hrline/line4.png HTTP/1.1" 200 133 192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /static/image/hrline/line1.png HTTP/1.1" 200 164 192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /static/image/hrline/line9.png HTTP/1.1" 200 187 192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /static/image/hrline/5.gif HTTP/1.1" 200 1602 192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /static/image/hrline/line2.png HTTP/1.1" 200 711 192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /static/image/hrline/line7.png HTTP/1.1" 200 365 192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /static/image/hrline/2.gif HTTP/1.1" 200 3343 192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /misc.php?css=1_wysiwyg&pss HTTP/1.1" 200 559 192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /data/cache/style_1_forum_calendar.css?pss HTTP/1.1" 200 1161 192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /home.php?mod=misc&ac=sendmail&rand=1445358410 HTTP/1.1" 200 - 192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /home.php?mod=spacecp&ac=pm&op=checknewpm&rand=1445358410 HTTP/1.1" 200 - 192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /static/image/common/swfupload.swf?preventswfcaching=1445765219307 HTTP/1.1" 200 13536 192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /static/image/common/swfupload.swf?preventswfcaching=1445765219353 HTTP/1.1" 200 13536 192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /misc.php?mod=patch&action=checkpatch&rand=1445358410 HTTP/1.1" 200 - 192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /misc.php?mod=seccode&action=update&idhash=cSaG588y&0.2836799351813733&modid=forum::post HTTP/1.1" 200 1503 192.168.0.101 - - [21/Oct/2015:00:26:52 +0800] "GET /misc.php?mod=patch&action=ipnotice&_r=0.9286310464287497&inajax=1&ajaxtarget=ip_notice HTTP/1.1" 200 63 192.168.0.101 - - [21/Oct/2015:00:26:52 +0800] "GET /misc.php?mod=seccode&update=42232&idhash=cSaG588y HTTP/1.1" 200 158 192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /forum.php?mod=relatekw&subjectenc=&messageenc=&inajax=1&ajaxtarget=tagselect HTTP/1.1" 200 63 192.168.0.101 - - [21/Oct/2015:00:26:52 +0800] "GET /misc.php?mod=patch&action=pluginnotice&inajax=1&ajaxtarget=plugin_notice HTTP/1.1" 200 63 192.168.0.101 - - [21/Oct/2015:00:26:57 +0800] "GET /forum.php?mod=relatekw&subjectenc=test&messageenc=&inajax=1&ajaxtarget=tagselect HTTP/1.1" 200 63 192.168.0.101 - - [21/Oct/2015:00:27:04 +0800] "GET /misc.php?mod=seccode&action=check&inajax=1&modid=forum::post&idhash=cSaG588y&secverify=cj6j HTTP/1.1" 200 70 192.168.0.101 - - [21/Oct/2015:00:27:06 +0800] "GET /misc.php?mod=seccode&action=check&inajax=1&modid=forum::post&idhash=cSaG588y&secverify=cj6j HTTP/1.1" 200 70 127.0.0.1 - - [21/Oct/2015:00:27:13 +0800] "OPTIONS * HTTP/1.0" 200 - 192.168.0.101 - - [21/Oct/2015:00:27:25 +0800] "POST /forum.php?mod=post&action=newthread&fid=2&extra=&topicsubmit=yes HTTP/1.1" 301 - 192.168.0.101 - - [21/Oct/2015:00:27:26 +0800] "GET /static/image/common/uploadbutton.png HTTP/1.1" 200 1391 192.168.0.101 - - [21/Oct/2015:00:27:26 +0800] "GET /static/image/common/uploadbutton.png HTTP/1.1" 200 1391 192.168.0.101 - - [21/Oct/2015:00:27:26 +0800] "GET /forum.php?mod=viewthread&tid=1&extra= HTTP/1.1" 200 32905 192.168.0.101 - - [21/Oct/2015:00:27:26 +0800] "GET /data/cache/style_1_forum_viewthread.css?pss HTTP/1.1" 200 46079 192.168.0.101 - - [21/Oct/2015:00:27:27 +0800] "GET /static/image/common/fastreply.gif HTTP/1.1" 200 608 192.168.0.101 - - [21/Oct/2015:00:27:27 +0800] "GET /static/image/common/swfupload.swf?preventswfcaching=1445765254727 HTTP/1.1" 200 13536 192.168.0.101 - - [21/Oct/2015:00:27:27 +0800] "GET /home.php?mod=misc&ac=sendmail&rand=1445358446 HTTP/1.1" 200 - 192.168.0.101 - - [21/Oct/2015:00:27:27 +0800] "GET /misc.php?mod=seccode&action=update&idhash=cSUsRRzX&0.7534482570377987&modid=forum::viewthread HTTP/1.1" 200 1515 192.168.0.101 - - [21/Oct/2015:00:27:27 +0800] "GET /home.php?mod=spacecp&ac=pm&op=checknewpm&rand=1445358446 HTTP/1.1" 200 - 192.168.0.101 - - [21/Oct/2015:00:27:27 +0800] "GET /misc.php?mod=patch&action=checkpatch&rand=1445358446 HTTP/1.1" 200 - 192.168.0.101 - - [21/Oct/2015:00:27:27 +0800] "GET /misc.php?mod=seccode&update=24492&idhash=cSUsRRzX HTTP/1.1" 200 158 192.168.0.101 - - [21/Oct/2015:00:27:27 +0800] "GET /misc.php?mod=patch&action=ipnotice&_r=0.2202783499608713&inajax=1&ajaxtarget=ip_notice HTTP/1.1" 200 63 192.168.0.101 - - [21/Oct/2015:00:27:27 +0800] "GET /misc.php?mod=patch&action=pluginnotice&inajax=1&ajaxtarget=plugin_notice HTTP/1.1" 200 63 127.0.0.1 - - [21/Oct/2015:00:27:35 +0800] "OPTIONS * HTTP/1.0" 200 - 192.168.0.101 - - [21/Oct/2015:00:31:40 +0800] "GET /admin.php HTTP/1.1" 200 2568 192.168.0.101 - - [21/Oct/2015:00:31:40 +0800] "GET /static/image/admincp/admincp.css HTTP/1.1" 200 33246 192.168.0.101 - - [21/Oct/2015:00:31:41 +0800] "GET /static/image/admincp/bg_login.gif HTTP/1.1" 200 475 192.168.0.101 - - [21/Oct/2015:00:31:41 +0800] "GET /static/image/admincp/login_title.gif HTTP/1.1" 200 3121 192.168.0.101 - - [21/Oct/2015:00:31:46 +0800] "POST /admin.php? HTTP/1.1" 302 - 192.168.0.101 - - [21/Oct/2015:00:31:46 +0800] "GET /admin.php? HTTP/1.1" 200 37555 192.168.0.101 - - [21/Oct/2015:00:31:47 +0800] "GET /static/image/admincp/admincp.css?pss HTTP/1.1" 200 33246 192.168.0.101
httpd的錯誤日誌
C:\Users\Name\Desktop\apache 2015-10-26 logs\error_log [Mon Oct 12 13:02:20 2015] [notice] Digest: generating secret for digest authentication ... [Mon Oct 12 13:02:20 2015] [notice] Digest: done [Mon Oct 12 13:02:20 2015] [notice] Apache/2.2.27 (Unix) DAV/2 configured -- resuming normal operations [Mon Oct 12 13:33:01 2015] [notice] SIGHUP received. Attempting to restart [Mon Oct 12 13:33:01 2015] [notice] Digest: generating secret for digest authentication ... [Mon Oct 12 13:33:01 2015] [notice] Digest: done [Mon Oct 12 13:33:01 2015] [notice] Apache/2.2.27 (Unix) DAV/2 configured -- resuming normal operations [Mon Oct 12 13:35:43 2015] [error] [client 192.168.0.101] File does not exist: /usr/local/apache2/htdocs/favicon.ico [Mon Oct 12 13:37:05 2015] [notice] SIGHUP received. Attempting to restart [Mon Oct 12 13:37:05 2015] [notice] Digest: generating secret for digest authentication ... [Mon Oct 12 13:37:05 2015] [notice] Digest: done [Mon Oct 12 13:37:05 2015] [notice] Apache/2.2.27 (Unix) DAV/2 PHP/5.3.28 configured -- resuming normal operations [Mon Oct 12 13:38:23 2015] [notice] caught SIGTERM, shutting down [Mon Oct 12 13:38:27 2015] [notice] Digest: generating secret for digest authentication ... [Mon Oct 12 13:38:27 2015] [notice] Digest: done [Mon Oct 12 13:38:27 2015] [notice] Apache/2.2.27 (Unix) DAV/2 PHP/5.3.28 configured -- resuming normal operations [Mon Oct 12 13:38:53 2015] [error] [client 127.0.0.1] PHP Warning: phpinfo() [<a href='function.phpinfo'>function.phpinfo</a>]: It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Asia/Chongqing' for 'CST/8.0/no DST' instead in /usr/local/apache2/htdocs/1.php on line 3 [Mon Oct 12 13:39:01 2015] [error] [client 192.168.0.101] PHP Warning: phpinfo() [<a href='function.phpinfo'>function.phpinfo</a>]: It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Asia/Chongqing' for 'CST/8.0/no DST' instead in /usr/local/apache2/htdocs/1.php on line 3 [Mon Oct 12 13:39:02 2015] [error] [client 192.168.0.101] File does not exist: /usr/local/apache2/htdocs/favicon.ico [Mon Oct 12 13:43:21 2015] [notice] caught SIGTERM, shutting down [Wed Oct 21 00:13:39 2015] [notice] Digest: generating secret for digest authentication ... [Wed Oct 21 00:13:39 2015] [notice] Digest: done [Wed Oct 21 00:13:39 2015] [notice] Apache/2.2.27 (Unix) DAV/2 PHP/5.3.28 configured -- resuming normal operations [Wed Oct 21 00:26:51 2015] [error] [client 192.168.0.101] File does not exist: /data/www/static/js/common_postimg.js, referer: http://www.123.com/forum.php?mod=post&action=newthread&fid=2 [Wed Oct 21 01:24:54 2015] [notice] SIGHUP received. Attempting to restart [Wed Oct 21 01:24:54 2015] [notice] Digest: generating secret for digest authentication ... [Wed Oct 21 01:24:54 2015] [notice] Digest: done [Wed Oct 21 01:24:54 2015] [notice] Apache/2.2.27 (Unix) DAV/2 PHP/5.3.28 configured -- resuming normal operations [Wed Oct 21 01:34:30 2015] [notice] SIGHUP received. Attempting to restart [Wed Oct 21 01:34:30 2015] [notice] Digest: generating secret for digest authentication ... [Wed Oct 21 01:34:30 2015] [notice] Digest: done [Wed Oct 21 01:34:30 2015] [notice] Apache/2.2.27 (Unix) DAV/2 PHP/5.3.28 configured -- resuming normal operations [Wed Oct 21 01:44:44 2015] [notice] SIGHUP received. Attempting to restart [Wed Oct 21 01:44:44 2015] [notice] Digest: generating secret for digest authentication ...
vhosts訪問日誌
C:\Users\Name\Desktop\apache 2015-10-26 logs\www.123.com-access_20151021.log 192.168.0.122 - - [21/Oct/2015:02:12:18 +0800] "GET /admin.php HTTP/1.1" 403 211 "http://www.123.com/forum.php?mod=viewthread&tid=1&extra=" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)" 192.168.0.122 - - [21/Oct/2015:02:12:18 +0800] "GET /admin.php HTTP/1.1" 403 211 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)"
vhosts錯誤日誌
www.123.com-error_20151021 [Wed Oct 21 01:35:23 2015] [error] [client 127.0.0.1] File does not exist: /data/www/1jpeg [Wed Oct 21 01:45:49 2015] [error] [client 127.0.0.1] client denied by server configuration: /data/www/1.txt, referer: http://www.baidu.com/sdfsdf [Wed Oct 21 02:12:18 2015] [error] [client 192.168.0.122] client denied by server configuration: /data/www/admin.php, referer: http://www.123.com/forum.php?mod=viewthread&tid=1&extra= [Wed Oct 21 02:12:18 2015] [error] [client 192.168.0.122] client denied by server configuration: /data/www/admin.php [Wed Oct 21 02:12:28 2015] [error] [client 192.168.0.122] client denied by server configuration: /data/www/admin.php, referer: http://www.123.com/forum.php [Wed Oct 21 02:12:28 2015] [error] [client 192.168.0.122] client denied by server configuration: /data/www/admin.php [Wed Oct 21 02:13:24 2015] [error] [client 192.168.0.122] client denied by server configuration: /data/www/admin.php, referer: http://www.123.com/forum.php?mod=viewthread&tid=1&extra=page%3D1 [Wed Oct 21 02:13:24 2015] [error] [client 192.168.0.122] client denied by server configuration: /data/www/admin.php [Wed Oct 21 02:14:48 2015] [error] [client 192.168.0.106] client denied by server configuration: /data/www/admin.php [Wed Oct 21 04:04:35 2015] [error] [client 192.168.0.133] client denied by server configuration: /data/www/admin.php, referer: http://www.123.com/forum.php?mod=forumdisplay&fid=2 [Wed Oct 21 04:04:35 2015] [error] [client 192.168.0.133] client denied by server configuration: /data/www/admin.php [Wed Oct 21 04:04:51 2015] [error] [client 192.168.0.133] client denied by server configuration: /data/www/admin.php [Wed Oct 21 04:04:51 2015] [error] [client 192.168.0.133] client denied by server configuration: /data/www/admin.php
安裝centos的時候必定要最小化安裝,不然會默認安裝上rpm版的apache
rpm -qa |grep httpd ,公司臺機不是最小化安裝
騰訊雲也是已經安裝rpm版httpd
擴展閱讀
http://zhidao.baidu.com/link?url=wXZsevUwcgavOX6Sc3eBDHlA2ApifsdEvL4wBHYxODCmaK3VIFLFuDMecjhZZuVJPYJVou2zhHtnBRXeKTtRMa
http://www.server110.com/apache/201310/1984.html
/usr/local/apache/bin/apachectl -k start 啓動apache服務是 -k 是什麼意思呢?請大俠幫助,謝謝!
是源於UNIX的kill命令向運行中的進程發送信號。
apache官方的解釋以下:
爲了中止或者從新啓動Apache ,必須向正在運行的httpd進程發送信號。有兩種發送信號的方法。第一種方法是直接使用UNIX的kill命令向運行中的進程發送信號。也許你會注意到你的系統裏運行着不少httpd進程。但你不該該直接對它們中的任何一個發送信號,而只要對已經在PidFile中記載下了自身PID的父進程發送信號。也就是說,你沒必要對父進程之外的任何進程發送信號。你能夠向父進程發送三種信號:TERM、HUP、USR1 。
你能夠用下面這樣的命令來向父進程發送信號:
kill -TERM `cat /usr/local/apache2/logs/httpd.pid`
第二種方法是使用下面將要描述的httpd二進制可執行文件的 -k 命令行選項:stop、restart、graceful、graceful-stop 。
不過推薦你使用apachectl控制腳原本向httpd二進制可執行文件傳遞這些選項。
當你向httpd發送信號後,你能夠這樣來讀取它的進行過程:
tail -f /usr/local/apache2/logs/error_log
好比--當即中止
使用信號:TERM
apachectl -k stop發送TERM或stop信號到父進程可使它馬上殺死全部子進程。這將花費一些時間來殺死全部子進程。而後父進程本身也退出。全部進行中的請求將被強行停止,並且再也不接受其它請求。
其實在man httpd有這樣一個介紹
-k start|restart|graceful|stop|graceful-stop
Signals httpd to start, restart, or stop. See Stopping Apache for more information.
apachectl是Apache HTTP服務器的前端程序。其設計意圖是幫助管理員控制Apache httpd後臺守護進程。
apachectl腳本有兩種操做模式。
一、首先,做爲簡單的httpd的前端程序,設置全部必要的環境變量,而後啓動httpd ,並傳遞全部的命令行參數。
二、其次,做爲SysV初始化腳本,接受簡單的一個單詞的參數,如:start, restart, stop ,並把他們翻譯爲適當的信號發送給httpd
。
若是你的Apache安裝在非標準的路徑中,你將須要修改apachectl腳本使其中的路徑正確地指向httpd程序。此外,還能夠指定任何須要的httpd命令行參數。細節能夠參見腳本中的註解。
apachectl腳本若是執行成功,則返回0 ;若是出錯,則其返回值>0 。更多細節能夠參見腳本中的註解。
在扮演傳遞角色時,apachectl能夠接受對httpd程序有效的全部參數。
apachectl [ httpd-argument ]
在SysV初始化模式中,apachectl只接受簡單的一個單詞的命令,以下:
apachectl command
下列僅說明了SysV初始化類型的選項,其餘參數的說明見httpd手冊頁。
start
啓動Apache httpd後臺守護進程。若是已經啓動,則產生一個錯誤。它等價於 apachectl -k start 。
stop
中止Apache httpd後臺守護進程。它等價於 apachectl -k stop 。
restart
從新啓動Apache httpd後臺守護進程。若是守護進程還沒有運行,則啓動它。在從新啓動守護進程以前,此命令會使用configtest自動檢查配置文件,以確保Apache不會死掉。它等價於 apachectl -k restart 。
fullstatus
顯示由mod_status提供的完整的狀態報告。要使用這個功能,須要啓用服務器上的mod_status模塊,而且系統中有一個基於文本的瀏覽器,如lynx 。修改腳本中的STATUSURL變量,能夠修改訪問狀態報告的URL 。
status
顯示一個簡要的狀態報告。它相似於fullstatus選項,可是省略了正在處理的請求的列表。
graceful
優雅地從新啓動Apache httpd後臺守護進程。若是守護進程還沒有啓動,則啓動它。它和標準從新啓動的不一樣之處在於:不會中斷當前已經打開的鏈接,也不會當即關閉日誌。這意味着,若是在日誌滾動腳本使用它,則在處理日誌以前必須加入一個實實在在的延遲,以確保老的日誌文件在被處理前已經關閉。在從新啓動守護進程以前,此命令會使用configtest自動檢查配置文件,以確保Apache不會死掉。它等價於 apachectl -k graceful 。
graceful-stop
優雅地中止Apache httpd後臺守護進程。它和標準中止的不一樣之處在於:不會中斷當前已經打開的鏈接,也不會當即關閉日誌。它等價於 apachectl -k graceful-stop 。
configtest
執行一次配置文件語法檢查。它解析配置文件,並報告 Syntax Ok 或者是特定的語法錯誤詳細信息。它等價於 apachectl -t 。
下列選項僅在早期版本中使用,如今已經被廢棄了。
startssl
以支持SSL的方式啓動httpd ,你應當編輯配置文件,並在其中包含與SSL支持相關的指令,而後使用 apachectl start 啓動服務器。
僞靜態
http://baike.baidu.com/link?url=I-21EmJmbOmzvK6HuhS1-R39lITINPdgHPeIrSMiuf9PxRcryz8hSWX5E5FzkuZs8qihikAGQUifbQuZGdhOo4PSDZQg4k41dX2Xk6pvXsOHNpbHiaPXpi0pjC9JfMc2
僞靜態是相對真實靜態來說的,一般咱們爲了加強搜索引擎的友好面,都將文章內容生成靜態頁面,可是有的朋友爲了實時的顯示一些信息。或者還想運用動態腳本解決一些問題。不能用靜態的方式來展現網站內容。可是這就損失了對搜索引擎的友好面。怎麼樣在二者之間找個中間方法呢,這就產生了僞靜態技術。就是展現出來的是以html一類的靜態頁面形式,但實際上是用ASP一類的動態腳原本處理的。
用IIS的404錯誤處理機制來實現的。這個比rewrite技術要靈活的多。
這樣。用戶或蜘蛛看到的URL仍是他訪問的URL.而咱們對內容的處理上能夠用到了動態技術。這就是咱們想要的結果。說得簡單了一些。可是基本思路就是這樣了。
區別靜態
從URL結構以及頁面名稱看,僞靜態和靜態頁面是同樣的。僞靜態的頁面後綴能夠是html htm 或者是目錄格式
僞靜態只是改變了URL的表現形式,實際上仍是動態頁面
靜態頁面能夠節省服務器資源,而僞靜態嚴格說是增長服務器資源消耗的
總結,在SEO方面,僞靜態和靜態頁面的功能是相同的,可是僞靜態本質上仍是動態頁面,因此消耗資源是和動態頁面同樣的,並且由於Rewrite服務器還須要消耗額外的資源。
logstash的角色:shipper和indexer P83
logstash做爲無狀態的軟件,配合消息隊列系統,能夠作線性擴展,兩個消息隊列系統:kafka和redis
rsyslog P95
rsyslog從v6版本開始,設計了一套rainerscript做爲配置中的DSL
rsyslog從v7版本開始帶有omelasticsearch插件能夠直接寫入數據到elasticsearch集羣
rsyslog當前官方穩定版是v8
rpm -qa|grep syslog
rsyslog-5.8.10-10.el6_6.x86_64
f