centos LAMP第二部分apache配置下載discuz！配置第一個虛擬主機安裝Discuz！用戶認證配置域名跳轉配置apache的訪問日誌配置靜態文件緩存配置防盜鏈訪問控制 a

時間 2019-11-09

標籤 centos lamp 第二部分 apache 配置下載 discuz 第一個虛擬主機安裝用戶認證域名訪問日誌靜態文件緩存防盜控制欄目 CentOS 简体版

原文原文鏈接

centos LAMP第二部分apache配置下載discuz！配置第一個虛擬主機安裝Discuz！用戶認證配置域名跳轉配置apache的訪問日誌配置靜態文件緩存配置防盜鏈訪問控制 apache rewrite 配置開機啓動apache tcpdump 第二十節課javascript

不管是apache 仍是nginx，都會有一個默認的虛擬主機 virtual hostphp

多個vhost均可以用同一個配置文件css

安裝兩個Apache，兩個apache能夠共存,可是要使用不一樣的端口html

主配置文件：/usr/local/apache2/conf/httpd.conf
虛擬主機配置文件：/usr/local/apache2/conf/extra/httpd-vhosts.conf前端

上半節課java

下載discuz！
配置第一個虛擬主機
安裝Discuz！
配置mysql，給Discuz！增長一個帳戶
Discuz設置注意事項
5. 用戶認證mysql

下半節課nginx

6. 配置域名跳轉
7. 配置apache的訪問日誌
8. 配置靜態文件緩存（其餘類型文件能夠到apache官方文檔裏面去搜）
9. 配置防盜鏈
10. 訪問控制（通常用在限制用戶登陸論壇後臺管理頁面）
11. apache rewrite相關web

tcpdumpajax

步驟

1. 下載discuz！
cd /download/
wget -c http://download.comsenz.com/DiscuzX/3.2/Discuz_X3.2_SC_GBK.zip
mkdir /data/www //放網站根目錄
cd /data/www
mv /download/Discuz_X3.2_SC_GBK.zip .
unzip Discuz_X3.2_SC_GBK.zip
mv upload/* . //把upload/目錄裏面的東西放到www目錄，即上一層目錄
cd ..
rm -rf Discuz_X3.2_SC_GBK.zip readme/ utility/ upload/ //把無用目錄刪掉

DiscuzX的包有兩種一種是utf8 一種是gbk：DiscuzX/3.2/Discuz_X3.2_SC_GBK.zip

2. 配置第一個虛擬主機
刪除/usr/local/apache2/conf/httpd.conf中的這行前面的井號

#Include conf/extra/httpd-vhosts.conf
vi /usr/local/apache2/conf/extra/httpd-vhosts.conf

默認已經有兩個vhost，先刪除一個，再配置另外一個以下：
<VirtualHost *:80>
DocumentRoot "/data/www"
ServerName www.123.com
</VirtualHost>

示例解釋
<VirtualHost *:80>
28 ServerAdmin webmaster@dummy-host.example.com  管理員郵箱
29 DocumentRoot "/usr/local/apache2/docs/dummy-host.example.com"   網站根目錄
30 ServerName dummy-host.example.com   域名
31 ServerAlias www.dummy-host.example.com    另外一個域名
32 ErrorLog "logs/dummy-host.example.com-error_log"   日誌
33 CustomLog "logs/dummy-host.example.com-access_log" common   訪問日誌
34 </VirtualHost>

測試配置文件是否正常： /usr/local/apache2/bin/apachectl -t

檢查/usr/local/apache2/conf/httpd.conf裏面是否是Allow from all

<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Allow from all
</Directory>

3. 安裝Discuz！
修改Windows機器的hosts文件，將Linux機器的ip跟www.123.com綁定：192.168.11.190 www.123.com

瀏覽器輸入：
www.123.com/install/
根據提示，修改對應目錄的權限
cd /data/www
chown -R daemon:daemon data uc_server/data uc_client/data config // 讓這幾個目錄支持apache運行賬號可寫

4. 配置mysql，給Discuz！增長一個帳戶

檢查mysql是否已經啓動：ps aux |grep mysql
將mysql 加入到PATH環境變量
在/etc/profile加入：export PATH=$PATH:/usr/local/mysql/bin ，而後source一下： source /etc/profile

給root指定一個密碼：mysqladmin -uroot password '123456'

給mysql root帳戶設置密碼，而後命令行進入mysql，建立新的庫，並建立一個新的賬號對該庫有全部權限：
> create database discuz;
> grant all on discuz.* to 'root'@'localhost' identified by '123456';
> quit

5. Discuz設置注意事項

一、論壇裏面的驗證碼要安裝php的gd模塊

二、管理中內心的install/index.php 要刪除

cd /data/www
rm -f  install/index.php

功能設置

5. 用戶認證
http://www.lishiming.net/thread-554-1-1.html

虛擬主機配置文件中，須要加入
<Directory /data/web/test>
AllowOverride AuthConfig
</Directory>

而後在虛擬主機的主目錄，即DocumentRoot 目錄下
vi /data/web/test/.htaccess

加入
AuthName "frank share web"
AuthType Basic
AuthUserFile /data/web/test/.htpasswd
require valid-user

保存後，而後
建立apache的驗證用戶

htpasswd -c /data/web/test/.htpasswd test
#第一次建立用戶要用到-c 參數第2次添加用戶，就不用-c參數

若是你想修改密碼，能夠以下

htpasswd -m .htpasswd test2

重啓apache，便可。

到此，你已經配置完成。下面介紹另外一種方式：
##################################
vi http.conf
在相應的虛擬主機配置文件段，加入
<Directory *> 也能夠寫虛擬主機目錄路徑：<Directory /data/web/test>
AllowOverride AuthConfig
AuthName "自定義的"
AuthType Basic
AuthUserFile /data/.htpasswd # 這裏的/data/.htpasswd你能夠隨便寫一個路徑或名字，沒有限制
require valid-user
</Directory>

保存後，而後
建立apache的驗證用戶

htpasswd -cm /data/.htpasswd test

增長第二個用戶的時候，就不要加-c了，由於-c是建立的意思，若是加上會把這個文件重寫。

--MD5加密
/usr/local/apache2/bin/htpasswd -cm /data/.htpasswd aming

看一下第35行爲什麼報錯：vi +35 /usr/local/apache2/conf/extra/httpd-vhosts.conf

操做系統沒有GBK編碼，用的是utf8

discuz用的GBK版本

修改apache字符集

http://blog.chinaunix.net/uid-23078678-id-2974411.html
修改apache的配置文件httpd.conf
默認爲:AddDefaultCharset UTF-8
修改成:AddDefaultCharset GBK2312

而後重啓apache生效!

6. 配置域名跳轉

/usr/local/apache2/conf/extra/httpd-vhosts.conf

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www.domain1.com$
RewriteRule ^/(.*)$ http://www.domain2.com/$1 [R=301,L]
</IfModule>
若是是多個域名，能夠這樣設置：
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www.domain.com [OR] //注意www.domain.com [OR] 之間有空格
RewriteCond %{HTTP_HOST} ^www.domain1.com$
RewriteRule ^/(.*)$ http://www.domain2.com/$1 [R=301,L]
</IfModule>
或者： <IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www.domain2.com$
RewriteRule ^/(.*)$ http://www.domain2.com/$1 [R=301,L]
</IfModule>

www.a.com跳轉到www.1.com

示例

vi  /usr/local/apache2/conf/extra/httpd-vhosts.conf
//添加

#配置域名跳轉
<IfModule mod_rewrite.c>
RewriteEngine on   //首先把引擎打開
RewriteCond %{HTTP_HOST} ^www.a.com$     //判斷條件 域名是www.a.com的時候
RewriteRule ^/(.*)$ http://www.1.com/$1 [R=301,L]       //跳轉到www.1.com  302暫時跳轉 301永久跳轉
</IfModule>

7. 配置apache的訪問日誌

apache訪問日誌，日誌切割，歸檔，防止大文件爆滿，有4種log

日誌格式

/usr/local/apache2/conf/httpd.conf

<IfModule log_config_module>
    243     #
    244     # The following directives define some format nicknames for use with
    245     # a CustomLog directive (see below).
    246     #
    247     LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    248     LogFormat "%h %l %u %t \"%r\" %>s %b" common

%h 遠程主機
%l 遠程主機登陸名稱
%u 認證用戶
%t 事件產生時間
%r 請求報文的第一行（方法、資源、版本號）
%>s 最後一個請求對應的狀態嗎
%b 響應報文的大小
%Referer 從哪一個頁面來的，好比從百度來的
%user-Agent 客戶端瀏覽器類型

配置日誌

/usr/local/apache2/conf/extra/httpd-vhosts.conf

#配置日誌
ErrorLog "|/usr/local/apache2/bin/rotatelogs -l /usr/local/apache2/logs/oem.discuz.qq.com-error_%Y%m%d.log 86400" 
SetEnvIf Request_URI ".*\.gif$" image-request
SetEnvIf Request_URI ".*\.jpg$" image-request
SetEnvIf Request_URI ".*\.png$" image-request
SetEnvIf Request_URI ".*\.bmp$" image-request
SetEnvIf Request_URI ".*\.swf$" image-request
SetEnvIf Request_URI ".*\.js$" image-request
SetEnvIf Request_URI ".*\.css$" image-request
CustomLog "|/usr/local/apache2/bin/rotatelogs -l /usr/local/apache2/logs/oem.discuz.qq.com-access_%Y%m%d.log 86400" combined env=!image-request //不記錄圖片請求日誌

配置完日誌後檢查語法

/usr/local/apache2/bin/apachectl -t
/usr/local/apache2/bin/apachectl restart

配置文件中下面這一段的意思是不記錄靜態文件訪問的日誌
*********************************
env=!image-request
SetEnvIf Request_URI ".*\.gif$" image-request 正則 .*任意個任意字符 \脫義. gif $結尾的
*********************************

#配置日誌
ErrorLog "|/usr/local/apache2/bin/rotatelogs -l /usr/local/apache2/logs/www.123.com-error_%Y%m%d.log 86400" 
SetEnvIf Request_URI ".*\.gif$" image-request
SetEnvIf Request_URI ".*\.jpg$" image-request
SetEnvIf Request_URI ".*\.png$" image-request
SetEnvIf Request_URI ".*\.bmp$" image-request
SetEnvIf Request_URI ".*\.swf$" image-request
SetEnvIf Request_URI ".*\.js$" image-request
SetEnvIf Request_URI ".*\.css$" image-request
CustomLog "|/usr/local/apache2/bin/rotatelogs -l /usr/local/apache2/logs/www.123.com-access_%Y%m%d.log 86400" combined env=!image-request

8. 配置靜態文件緩存（其餘類型文件能夠到apache官方文檔裏面去搜）

/usr/local/apache2/conf/extra/httpd-vhosts.conf

# 配置靜態文件緩存
<IfModule mod_expires.c>
ExpiresActive on
ExpiresByType image/gif "access plus 1 days"
ExpiresByType image/jpeg "access plus 24 hours"
ExpiresByType image/png "access plus 24 hours"
ExpiresByType text/css "now plus 2 hour"
ExpiresByType application/x-javascript "now plus 2 hours" 
ExpiresByType application/javascript "now plus 2 hours"
ExpiresByType application/x-shockwave-flash "now plus 2 hours"
ExpiresDefault "now plus 0 min"
</IfModule>

或者使用mod_headers模塊實現

<ifmodule mod_headers.c> 
# htm,html,txt類的文件緩存一個小時 
<filesmatch "\.(html|htm|txt)$"> 
header set cache-control "max-age=3600" 
</filesmatch> 
# css, js, swf類的文件緩存一個星期 
<filesmatch "\.(css|js|swf)$"> 
header set cache-control "max-age=604800" 
</filesmatch> 
# jpg,gif,jpeg,png,ico,flv,pdf等文件緩存一年 
<filesmatch "\.(ico|gif|jpg|jpeg|png|flv|pdf)$"> 
header set cache-control "max-age=29030400" 
</filesmatch> 
</ifmodule>

配置完靜態文件緩存後檢查語法

/usr/local/apache2/bin/apachectl -t
/usr/local/apache2/bin/apachectl restart

在網站根目錄下建立一個jpg文件進行測試

瀏覽器

應用

/usr/local/apache2/bin/apachectl -t
/usr/local/apache2/bin/apachectl restart
touch /data/www/1.jpeg
curl -x127.0.0.1:80  www.123.com/1.jpeg -I
HTTP/1.1 200 OK
Date: Tue, 20 Oct 2015 17:35:41 GMT
Server: Apache/2.2.27 (Unix) DAV/2 PHP/5.3.28
Last-Modified: Tue, 20 Oct 2015 17:34:51 GMT
ETag: "e35a8-0-5228cadd9f7c1"
Accept-Ranges: bytes
Cache-Control: max-age=86400
Expires: Wed, 21 Oct 2015 17:35:41 GMT
Content-Type: image/jpeg

9. 配置防盜鏈

/usr/local/apache2/conf/extra/httpd-vhosts.conf

SetEnvIfNoCase Referer "^http://.*\.yourdomin\.com" local_ref
SetEnvIfNoCase Referer ".*\.yourdomin\.com" local_ref
SetEnvIfNoCase Referer "^$" local_ref
<filesmatch "\.(txt|doc|mp3|zip|rar|jpg|gif)">
Order Allow,Deny
Allow from env=local_ref
</filesmatch>

# 配置防盜鏈
SetEnvIfNoCase Referer "^http://www.1.com" local_ref
SetEnvIfNoCase Referer "www.a.com" local_ref
SetEnvIfNoCase Referer "www.b.com" local_ref
SetEnvIfNoCase Referer "^$" local_ref
<filesmatch "\.(txt|doc|mp3|zip|rar|jpg|gif)">
Order Allow,Deny
Allow from env=local_ref   //local_ref是配置的別名，容許local_ref配置裏面的內容
</filesmatch>

測試

/usr/local/apache2/bin/apachectl -t
/usr/local/apache2/bin/apachectl restart
curl -e "http://www.baidu.com/sdfsdf" -x127.0.0.1:80 www.1.com/1.txt -I
或者不加-e
curl -x127.0.0.1:80 www.1.com/1.txt -I

能夠看vhost的訪問日誌

應用

# 配置防盜鏈
     53 SetEnvIfNoCase Referer "^http://www.123.com" local_ref
     54 SetEnvIfNoCase Referer "^$" local_ref
     55 <filesmatch "\.(txt|doc|mp3|zip|rar|jpg|gif)">
     56 Order Allow,Deny
     57 Allow from env=local_ref
     58 </filesmatch>
------------------------------------------------------

# touch /data/www/1.txt
# curl -e "http://www.baidu.com/sdfsdf" -x127.0.0.1:80 www.123.com/1.txt -I
HTTP/1.1 403 Forbidden
Date: Tue, 20 Oct 2015 17:45:49 GMT
Server: Apache/2.2.27 (Unix) DAV/2 PHP/5.3.28
Content-Type: text/html; charset=iso-8859-1




# curl  -x127.0.0.1:80 www.123.com/1.txt -I
HTTP/1.1 200 OK
Date: Tue, 20 Oct 2015 17:46:21 GMT
Server: Apache/2.2.27 (Unix) DAV/2 PHP/5.3.28
Last-Modified: Tue, 20 Oct 2015 17:45:27 GMT
ETag: "e35ae-0-5228cd3cca4c1"
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Tue, 20 Oct 2015 17:46:21 GMT
Content-Type: text/plain

立刻產生errorlog

# tail www.123.com-error_20151021.log 
[Wed Oct 21 01:35:23 2015] [error] [client 127.0.0.1] File does not exist: /data/www/1jpeg
[Wed Oct 21 01:45:49 2015] [error] [client 127.0.0.1] client denied by server configuration: /data/www/1.txt, referer: http://www.baidu.com/sdfsdf

10. 訪問控制（通常用在限制用戶登陸論壇後臺管理頁面）

/usr/local/apache2/conf/extra/httpd-vhosts.conf

# 訪問控制
<Directory /data/www/admin>  //通常只對很是重要的網站後臺管理目錄作限制
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Directory>

測試

/usr/local/apache2/bin/apachectl -t
/usr/local/apache2/bin/apachectl restart
curl -x127.0.0.1:80 www.1.com/1.txt -I

參考文檔來源： http://jingyan.baidu.com/article/4b07be3c193d1648b380f3a9.html

1. 禁止訪問某些文件/目錄
增長Files選項來控制，好比要不容許訪問 .inc 擴展名的文件，保護php類庫：
<Files ~ "\.insc$">

2. 禁止訪問某些指定的目錄：（能夠用 <DirectoryMatch> 來進行正則匹配）
<Directory ~ "/var/www/(.+)*[0-9]{3}">
固然也能夠寫目錄全局路徑
<Directory /var/www/111>

3. 經過文件匹配來進行禁止，好比禁止全部針對圖片的訪問：
<Filesmatch (.*)php>

4. 針對URL相對路徑的禁止訪問
<Location /dir/>

<Directory /data/www/admin>
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Directory>

針對請求的uri去限制
<filesmatch "(.*)admin(.*)">
Order deny,allow
Deny from all
Allow from 127.0.0.1
</filesmatch>

某個目錄下禁止解析php
<Directory /data/www/path>
php_admin_flag engine off
<filesmatch "(.*)php">
Order deny,allow
Deny from all
Allow from 127.0.0.1
</filesmatch>
</Directory>

主配置文件裏有這麼一段：/usr/local/apache2/conf/httpd.conf

找了半天終於找到了問題的根源，實際上是配置對了，只是咱們訪問的有點問題。
咱們訪問的地址是1.txt ，而在配置文件中咱們有配置一段防盜鏈
針對1.txt referer是空或者是1.com 都會直接容許訪問，問題就在這裏。當我再次訪問 forum.php的時候效果達到了。

應用

<Directory /data/www>   //只對網站後臺管理頁面進行控制
<filesmatch "admin.php">
Order deny,allow
Deny from all
Allow from 127.0.0.1
</filesmatch> 
</Directory>

匹配

http://www.1.com/admin/admin.phpsdfsdfsdf
http://www.1.com/admin.phpwerewrwerwer
http://www.1.com/ewfwewefadmin.phpwerewrwerwer

<Directory /data/www/admin.php>   
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Directory>

匹配

http://www.1.com/admin.php

#某個目錄下禁止解析php
<Directory /data/www/uc_server>
php_admin_flag engine off 
<filesmatch "(.*)php">
Order deny,allow
Deny from all
</filesmatch> 
</Directory>

應用

<Directory /data/www>
      <filesmatch "admin.php">
      Order deny,allow
      Deny from all
      Allow from 192.168.0.100
      Allow from 192.168.0.101
      </filesmatch>
</Directory>

非上面兩個ip的都不行

11. apache rewrite相關

RewriteCond 重寫條件
RewriteRule 重寫規則

[R=302]臨時跳轉 rewrite
[R=301]永久跳轉 rewrite

僞靜態就是你訪問一個動態頁面的時候URL是一串動態的字符，而配置了僞靜態以後URL變爲靜態，跟rewrite域名跳轉不同

apache 限制指定user_agent http://www.lishiming.net/thread-1033-1-1.html
apache 限制某些目錄不能訪問經過rewrite實現 http://www.lishiming.net/thread-3587-1-1.html
apache rewrite 出現死循環 http://www.lishiming.net/thread-1043-1-1.html

apache rewrite 出現死循環
網站夜間升級，所有頁面跳轉到網站公告頁面
除了公告頁面不跳轉，不然會出現死循環，公告頁面跳入公告頁面

discuz僞靜態配置：
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/topic-(.+)\.html$ /portal.php?mod=topic&topic=$1&%1
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/article-([0-9]+)-([0-9]+)\.html$ /portal.php?mod=view&aid=$1&page=$2&%1
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/forum-(\w+)-([0-9]+)\.html$ /forum.php?mod=forumdisplay&fid=$1&page=$2&%1
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/thread-([0-9]+)-([0-9]+)-([0-9]+)\.html$ /forum.php?mod=viewthread&tid=$1&extra=page\%3D$3&page=$2&%1
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/group-([0-9]+)-([0-9]+)\.html$ /forum.php?mod=group&fid=$1&page=$2&%1
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/space-(username|uid)-(.+)\.html$ /home.php?mod=space&$1=$2&%1
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/blog-([0-9]+)-([0-9]+)\.html$ /home.php?mod=space&uid=$1&do=blog&id=$2&%1
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/archiver/(fid|tid)-([0-9]+)\.html$ /archiver/index.php?action=$1&value=$2&%1
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/([a-z]+[a-z0-9_]*)-([a-z0-9_\-]+)\.html$ /plugin.php?id=$1:$2&%1

應用

將下面的代碼放在域名跳轉下面

RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/topic-(.+)\.html$ /portal.php?mod=topic&topic=$1&%1
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/article-([0-9]+)-([0-9]+)\.html$ /portal.php?mod=view&aid=$1&page=$2&%1
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/forum-(\w+)-([0-9]+)\.html$ /forum.php?mod=forumdisplay&fid=$1&page=$2&%1
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/thread-([0-9]+)-([0-9]+)-([0-9]+)\.html$ /forum.php?mod=viewthread&tid=$1&extra=page\%3D$3&page=$2&%1
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/group-([0-9]+)-([0-9]+)\.html$ /forum.php?mod=group&fid=$1&page=$2&%1
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/space-(username|uid)-(.+)\.html$ /home.php?mod=space&$1=$2&%1
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/blog-([0-9]+)-([0-9]+)\.html$ /home.php?mod=space&uid=$1&do=blog&id=$2&%1
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/archiver/(fid|tid)-([0-9]+)\.html$ /archiver/index.php?action=$1&value=$2&%1
RewriteCond %{QUERY_STRING} ^(.*)$
RewriteRule ^/([a-z]+[a-z0-9_]*)-([a-z0-9_\-]+)\.html$ /plugin.php?id=$1:$2&%1

vhost下面加功能

多個vhost對應多個端口

#
     19 NameVirtualHost *:80  //多個vhost寫多個端口
     20 NameVirtualHost *:8080
     21 #
     22 # VirtualHost example:
     23 # Almost any Apache directive may go into a VirtualHost container.
     24 # The first VirtualHost section is used for all requests that do not
     25 # match a ServerName or ServerAlias in any <VirtualHost> block.
     26 #
     27 <VirtualHost *:80>
     28     ServerAdmin webmaster@dummy-host.example.com
     29     DocumentRoot "/usr/local/apache2/docs/dummy-host.example.com"
     30     ServerName dummy-host.example.com
     31     ServerAlias www.dummy-host.example.com
     32     ErrorLog "logs/dummy-host.example.com-error_log"
     33     CustomLog "logs/dummy-host.example.com-access_log" common
     34 </VirtualHost>
     35 
     36 <VirtualHost *:80>
     37     ServerAdmin webmaster@dummy-host2.example.com
     38     DocumentRoot "/usr/local/apache2/docs/dummy-host2.example.com"
     39     ServerName dummy-host2.example.com

curl的瀏覽器標識 user-agent

http://www.jbxue.com/article/10287.html

今天學習使用apache系統自帶的rotatelogs工具對日誌進行截斷處理。

一，修改文件httpd.conf
注意：如下日誌文件存儲路徑均爲絕對路徑。

複製代碼代碼示例:
CustomLog "logs/access.log" common 原來的樣子
ErrorLog "logs/error.log"原來的樣子
CustomLog "|bin/rotatelogs /var/logs/logfile 86400" common 修改後的樣子
CustomLog "|bin/rotatelogs /var/logs/logfile 5M" common 修改後的樣子
ErrorLog "|bin/rotatelogs /var/logs/errorlog.%Y-%m-%d-%H_%M_%S 5M"
二，重啓apache服務，在指定的日誌目錄中驗證。

三：語法分析
rotatelogs [ -l ] logfile [ rotationtime [ offset ]] | [ filesizeM ]
該命令其實只有兩種選項用以對日誌文件logfile進行操做。且必須選擇其中一種方式。
第一種，rotationtime
日誌文件以秒爲單位滾動
第二種， filesizeM
指定以filesizeM文件大小滾動，而不是按照時間或時差滾動
舉例：ErrorLog "|bin/rotatelogs /var/logs/errorlog.%Y-%m-%d-%H_%M_%S 5M"

此配置會在錯誤日誌大小增加到5兆字節時滾動該日誌，日誌文件名後綴會按照以下格式建立：errorlog.YYYY-mm-dd-HH_MM_SS 。
選項 -l 和offset都是和時區相關的。

四：文件名稱格式

errorlog.%Y-%m-%d-%H_%M_%S-------------------errorlog.YYYY-mm-dd-HH_MM_SS
%A 星期名全稱(本地的)
%a 3個字符的星期名(本地的)
%B 月份名的全稱(本地的)
%b 3個字符的月份名(本地的)
%c 日期和時間(本地的)
%d 2位數的一個月中的日期數
%H 2位數的小時數(24小時制)
%I 2位數的小時數(12小時制)
%j 3位數的一年中的日期數
%M 2位數的分鐘數
%m 2位數的月份數
%p am/pm12小時制的上下午(本地的)
%S 2位數的秒數
%U 2位數的一年中的星期數(星期天爲一週的第一天)
%W 2位數的一年中的星期數(星期一爲一週的第一天)
%w 1位數的星期幾(星期天爲一週的第一天)
%X 時間(本地的)
%x 日期(本地的)
%Y 4位數的年份
%y 2位數的年份
%Z 時區名
%% 符號"%"自己
接下來介紹，按日期生成apache日誌文件及限制apache日誌文件大小的方法。

須要用到apache自帶的rotatelogs小工具
語法以下：
rotatelogs [ -l ] logfile [ rotationtime [ offset ]] | [ filesizeM ]

參數解釋：
-l ：使用本地時間代替GMT時間做爲時間基準。注意：在一個改變GMT偏移量(好比夏令時)的環境中使用-l會致使不可預料的結果。
logfile：它加上基準名就是日誌文件名。若是logfile中包含"%"，則它會被視爲用於strftime()的格式字符串；不然它會被自動加上以秒爲單位的".nnnnnnnnnn"後綴。

這兩種格式都表示新的日誌開始使用的時間。

rotationtime ：日誌文件滾動的以秒爲單位的間隔時間。
offset ：相對於UTC的時差的分鐘數。若是省略，則假定爲"0"並使用UTC時間。好比，要指定UTC時差爲"-5小時"的地區的當地時間，則此參數

應爲"-300"。
filesizeM ：指定以filesizeM文件大小滾動，而不是按照時間或時差滾動。

例子：
一、按時間滾動日誌文件：
錯誤日誌：

ErrorLog "|/data/apache/bin/rotatelogs 日誌存放目錄/%Y%m%d_error.log 86400 480"

訪問日誌：

CustomLog "|/data/apache/bin/rotatelogs 日誌存放目錄/%Y%m%d_access.log 86400 480" common
其中：
/data/apache：爲apache的安裝目錄，根據本身實際狀況肯定；
86400：秒，24小時，表示生成的日誌文件按天滾動，也就是天天生成一個日誌文件；
480：分，時間偏移。
同理能夠按小時滾動日誌文件，每隔一個小時，幾個小時。。。生成一個日誌文件。

擴展：能夠寫個腳本定時刪除日誌文件，只保留幾天的日誌，若是網站訪問量比較大，一天會生成幾十上百M甚至更大的日誌文件，既佔硬盤又影響服務器性能。

二、按大小滾動日誌文件：
錯誤日誌：

ErrorLog "|/data/apache/bin/rotatelogs -l 日誌存放目錄/%Y%m%d_error.log 5M"

訪問日誌：

CustomLog "|/data/apache/bin/rotatelogs -l 日誌存放目錄/%Y%m%d_access.log 5M" common
當日志文件達到5M時，滾動該日誌文件。

另外，說下apache日誌管理的相關知識。

web服務器日誌滾動的方法，經常使用的有以下三種：

1，利用Linux系統自身的日誌文件輪循機制：logrotate；
2，利用apache自帶的日誌輪循程序rotatelogs；
3，使用在apache的FAQ中推薦發展已經比較成熟的一個日誌輪循工具cronolog。
這裏介紹下apache自帶的日誌滾動程序rotatelogs，並用shell腳本按期刪除日誌文件，只保留近3天的文件，以避免日誌文件佔滿磁盤空間。
修改apache服務器的主配置文件httpd.conf，找到如下內容，並修改爲：

ErrorLog /var/log/httpd/error_log
CustomLog "|/usr/local/apache2/bin/rotatelogs /var/log/httpd/access_log 86400 400M" combined

86400 ---日誌滾動的時間是一天
400---日誌文件最大400M就滾動
combined ---採用複合格式

而後，創建清除日誌文件的shell腳本，文件名爲clean_log

#! /bin/bash
logdir=/var/log/httpd
cd ${logdir}
declare -i filesum=`ls access_log.* | wc -l`
declare -i delnum=$filesum-3
if [ "${delnum}" -ge 1 ];then
rm -rf `ls -tr access_log.* | head -${delnum}`
fi

#加上執行權限

chmod 755 clean_log

保留最近3天的日誌文件。

建立自動化任務：

01 04 * * * /usr/local/crontab/clean_log

PHP的擴展庫

GD圖片處理庫

修改目錄權限

根據提示，修改對應目錄的權限
cd /data/www
chown -R daemon:daemon data uc_server/data uc_client/data config // 讓這幾個目錄支持apache運行賬號可寫

配置開機啓動apache

echo '/usr/local/apache2/bin/apachectl  start'>>/etc/rc.local

注意：不能使用/etc/init.d/httpd的方式！

還有虛擬機安裝了兩個httpd，一個rpm版本，一個編譯安裝版，致使修改了vhosts配置文件以後，執行apachectl -restart的時候新修改的內容不生效

解決辦法是刪除rpm版本的httpd

rpm -qa |grep httpd
rpm -e httpd-2.2.15-39.el6.centos.x86_64
rpm -qa |grep httpd

http://www.apelearn.com/bbs/thread-9146-1-1.html

編譯安裝安裝方式不支持將apachectl放入/etc/init.d/httpd
RPM包方式才支持將apachectl放入/etc/init.d/httpd

tcpdump抓包

tcpdump -nn -i eth1 -s 0 host 192.168.0.100 and dst port 80 and dst 192.168.0.106 //由於只顯示目標端口和目標ip因此單向

listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes
06:44:35.903095 IP 192.168.0.100.61934 > 192.168.0.106.80: Flags [S], seq 1723280863, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
06:44:35.905358 IP 192.168.0.100.61934 > 192.168.0.106.80: Flags [.], ack 3341746770, win 16425, length 0
06:44:35.905378 IP 192.168.0.100.61934 > 192.168.0.106.80: Flags [P.], seq 0:1163, ack 1, win 16425, length 1163
06:44:35.967826 IP 192.168.0.100.61934 > 192.168.0.106.80: Flags [.], ack 2921, win 16425, length 0
06:44:35.968025 IP 192.168.0.100.61934 > 192.168.0.106.80: Flags [.], ack 5841, win 16425, length 0
06:44:35.968165 IP 192.168.0.100.61934 > 192.168.0.106.80: Flags [.], ack 8761, win 16425, length 0
06:44:35.968295 IP 192.168.0.100.61934 > 192.168.0.106.80: Flags [.], ack 11681, win 16425, length 0
06:44:35.968466 IP 192.168.0.100.61934 > 192.168.0.106.80: Flags [.], ack 14601, win 16425, length 0
06:44:35.968693 IP 192.168.0.100.61934 > 192.168.0.106.80: Flags [.], ack 16254, win 16425, length 0
06:44:36.016064 IP 192.168.0.100.61934 > 192.168.0.106.80: Flags [P.], seq 1163:2416, ack 16259, win 16423, length 1253

點擊一下默認板塊產生不少包

# tcpdump -nn -i eth1 -s 0 tcp and port 80 and host 192.168.0.100 and host 192.168.0.106 //指定了端口通常也要指定協議由於兩個都是host因此會顯示雙向
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes
06:55:33.624605 IP 192.168.0.100.62324 > 192.168.0.106.80: Flags [S], seq 1337810073, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
06:55:33.624658 IP 192.168.0.106.80 > 192.168.0.100.62324: Flags [S.], seq 3180963847, ack 1337810074, win 14600, options [mss 1460,nop,nop,sackOK,nop,wscale 6], length 0
06:55:33.625110 IP 192.168.0.100.62324 > 192.168.0.106.80: Flags [.], ack 1, win 16425, length 0
06:55:33.625122 IP 192.168.0.100.62324 > 192.168.0.106.80: Flags [P.], seq 1:1149, ack 1, win 16425, length 1148
06:55:33.625162 IP 192.168.0.106.80 > 192.168.0.100.62324: Flags [.], ack 1149, win 264, length 0
06:55:33.684537 IP 192.168.0.106.80 > 192.168.0.100.62324: Flags [.], seq 1:2921, ack 1149, win 264, length 2920
06:55:33.684796 IP 192.168.0.100.62324 > 192.168.0.106.80: Flags [.], ack 2921, win 16425, length 0
06:55:33.684886 IP 192.168.0.106.80 > 192.168.0.100.62324: Flags [.], seq 2921:5841, ack 1149, win 264, length 2920
06:55:33.685506 IP 192.168.0.100.62324 > 192.168.0.106.80: Flags [.], ack 5841, win 16425, length 0
06:55:33.685576 IP 192.168.0.106.80 > 192.168.0.100.62324: Flags [.], seq 5841:8761, ack 1149, win 264, length 2920
06:55:33.685782 IP 192.168.0.100.62324 > 192.168.0.106.80: Flags [.], ack 8761, win 16425, length 0
06:55:33.687586 IP 192.168.0.106.80 > 192.168.0.100.62324: Flags [.], seq 8761:11681, ack 1149, win 264, length 2920

httpd的訪問日誌

C:\Users\Name\Desktop\apache 2015-10-26 logs\access_log

127.0.0.1 - - [12/Oct/2015:13:35:03 +0800] "GET /1.php HTTP/1.1" 200 26
192.168.0.101 - - [12/Oct/2015:13:35:43 +0800] "GET /favicon.ico HTTP/1.1" 404 209
192.168.0.101 - - [12/Oct/2015:13:35:44 +0800] "GET /1.php HTTP/1.1" 200 26
192.168.0.101 - - [12/Oct/2015:13:35:44 +0800] "GET /1.php HTTP/1.1" 200 26
127.0.0.1 - - [12/Oct/2015:13:38:53 +0800] "GET /1.php HTTP/1.1" 200 51497
192.168.0.101 - - [12/Oct/2015:13:39:01 +0800] "GET /1.php HTTP/1.1" 200 52807
192.168.0.101 - - [12/Oct/2015:13:39:01 +0800] "GET /1.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2524
192.168.0.101 - - [12/Oct/2015:13:39:01 +0800] "GET /1.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2146
192.168.0.101 - - [12/Oct/2015:13:39:02 +0800] "GET /favicon.ico HTTP/1.1" 404 209
127.0.0.1 - - [12/Oct/2015:13:39:18 +0800] "OPTIONS * HTTP/1.0" 200 -
127.0.0.1 - - [12/Oct/2015:13:39:19 +0800] "OPTIONS * HTTP/1.0" 200 -
192.168.0.101 - - [21/Oct/2015:00:13:53 +0800] "GET /install/ HTTP/1.1" 200 7268

192.168.0.101 - - [21/Oct/2015:00:13:54 +0800] "GET /install/images/bg_footer.gif HTTP/1.1" 200 116
192.168.0.101 - - [21/Oct/2015:00:14:03 +0800] "GET /install/index.php?step=1&uchidden=&submit=%CE%D2%CD%AC%D2%E2 HTTP/1.1" 200 5723
192.168.0.101 - - [21/Oct/2015:00:14:03 +0800] "GET /install/images/bg_stepstatus.gif HTTP/1.1" 200 259
192.168.0.101 - - [21/Oct/2015:00:14:03 +0800] "GET /install/images/stepnum.gif HTTP/1.1" 200 2632
127.0.0.1 - - [21/Oct/2015:00:14:11 +0800] "OPTIONS * HTTP/1.0" 200 -
127.0.0.1 - - [21/Oct/2015:00:14:12 +0800] "OPTIONS * HTTP/1.0" 200 -
192.168.0.101 - - [21/Oct/2015:00:15:19 +0800] "POST /install/index.php HTTP/1.1" 200 3455
192.168.0.101 - - [21/Oct/2015:00:15:25 +0800] "POST /install/index.php HTTP/1.1" 302 -
192.168.0.101 - - [21/Oct/2015:00:15:25 +0800] "GET /install/index.php?step=3&install_ucenter=yes HTTP/1.1" 200 3524
192.168.0.101 - - [21/Oct/2015:00:18:46 +0800] "-" 408 -
127.0.0.1 - - [21/Oct/2015:00:18:46 +0800] "OPTIONS * HTTP/1.0" 200 -
192.168.0.101 - - [21/Oct/2015:00:25:32 +0800] "POST /install/index.php HTTP/1.1" 200 32719
192.168.0.101 - - [21/Oct/2015:00:25:39 +0800] "GET /misc.php?mod=initsys HTTP/1.1" 200 -
192.168.0.101 - - [21/Oct/2015:00:25:46 +0800] "GET /install/index.php?method=ext_info HTTP/1.1" 200 1267
192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET / HTTP/1.1" 301 -
192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET /forum.php HTTP/1.1" 200 12593
192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET /data/cache/style_1_forum_index.css?pss HTTP/1.1" 200 3665
192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET /data/cache/style_1_common.css?pss HTTP/1.1" 200 69562
192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET /data/cache/style_1_widthauto.css?pss HTTP/1.1" 200 1483
192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET /static/js/common.js?pss HTTP/1.1" 200 63289
192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET /static/js/forum.js?pss HTTP/1.1" 200 22720
192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET /static/js/logging.js?pss HTTP/1.1" 200 603

192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET /static/image/common/search.png HTTP/1.1" 200 1301
192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET /static/image/common/nv.png HTTP/1.1" 200 1939
192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET /static/image/common/nv_a.png HTTP/1.1" 200 2076

192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET /home.php?mod=misc&ac=sendmail&rand=1445358368 HTTP/1.1" 200 -
192.168.0.101 - - [21/Oct/2015:00:26:08 +0800] "GET /static/image/common/scrolltop.png HTTP/1.1" 200 1383
127.0.0.1 - - [21/Oct/2015:00:26:16 +0800] "OPTIONS * HTTP/1.0" 200 -
192.168.0.101 - - [21/Oct/2015:00:26:29 +0800] "GET /static/js/ajax.js?pss HTTP/1.1" 200 7835
192.168.0.101 - - [21/Oct/2015:00:26:29 +0800] "POST /member.php?mod=logging&action=login&loginsubmit=yes&infloat=yes&lssubmit=yes&inajax=1 HTTP/1.1" 200 396
192.168.0.101 - - [21/Oct/2015:00:26:30 +0800] "GET /member.php?mod=logging&action=login&auth=29daT789VZ8C8zjE0ImpSpwPwzApkK2NKDrzbc6qlNvfyAN112%2FCRomzwA&referer=http%3A%2F%2Fwww.123.com%2Fforum.php&infloat=yes&handlekey=login&inajax=1&ajaxtarget=fwin_content_login HTTP/1.1" 200 3747
192.168.0.101 - - [21/Oct/2015:00:26:30 +0800] "GET /static/js/common_extra.js?pss HTTP/1.1" 200 46875
192.168.0.101 - - [21/Oct/2015:00:26:30 +0800] "GET /static/image/common/cls.gif HTTP/1.1" 200 526
192.168.0.101 - - [21/Oct/2015:00:26:30 +0800] "GET /static/image/common/right.gif HTTP/1.1" 200 678
192.168.0.101 - - [21/Oct/2015:00:26:30 +0800] "GET /misc.php?mod=seccode&action=update&idhash=cSAnX92XB&0.24064634722004718&modid=member::logging HTTP/1.1" 200 1528
192.168.0.101 - - [21/Oct/2015:00:26:30 +0800] "GET /static/image/common/none.gif HTTP/1.1" 200 43
192.168.0.101 - - [21/Oct/2015:00:26:30 +0800] "GET /misc.php?mod=seccode&update=40780&idhash=cSAnX92XB HTTP/1.1" 200 158
192.168.0.101 - - [21/Oct/2015:00:26:36 +0800] "GET /static/image/common/loading.gif HTTP/1.1" 200 875
192.168.0.101 - - [21/Oct/2015:00:26:36 +0800] "GET /misc.php?mod=seccode&action=check&inajax=1&modid=member::logging&idhash=cSAnX92XB&secverify=ctcj HTTP/1.1" 200 70
192.168.0.101 - - [21/Oct/2015:00:26:36 +0800] "GET /static/image/common/check_right.gif HTTP/1.1" 200 296
00 -

192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /static/image/common/refresh.png HTTP/1.1" 200 1074
192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /home.php?mod=misc&ac=sendmail&rand=1445358408 HTTP/1.1" 200 -
192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /data/cache/common_smilies_var.js?pss HTTP/1.1" 200 3400
192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /home.php?mod=spacecp&ac=pm&op=checknewpm&rand=1445358408 HTTP/1.1" 200 -
192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /static/image/common/swfupload.swf?preventswfcaching=1445765216946 HTTP/1.1" 200 13536
192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /misc.php?mod=seccode&action=update&idhash=cSLszz2X&0.721008357087331&modid=forum::forumdisplay HTTP/1.1" 200 1519

192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /static/image/smiley/default/shutup.gif HTTP/1.1" 200 2500
192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /static/image/smiley/default/sleepy.gif HTTP/1.1" 200 2375
192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /static/image/smiley/default/hug.gif HTTP/1.1" 200 1054
192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /static/image/smiley/default/victory.gif HTTP/1.1" 200 1275
192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /static/image/smiley/default/time.gif HTTP/1.1" 200 687
192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /static/image/smiley/default/kiss.gif HTTP/1.1" 200 987
192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /static/image/smiley/default/handshake.gif HTTP/1.1" 200 1322
192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /static/image/smiley/default/call.gif HTTP/1.1" 200 603
192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /misc.php?mod=patch&action=checkpatch&rand=1445358408 HTTP/1.1" 200 -
192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /static/image/common/folder_new.gif HTTP/1.1" 200 235
192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /static/image/common/pollsmall.gif HTTP/1.1" 200 600
192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /misc.php?mod=seccode&update=62355&idhash=cSLszz2X HTTP/1.1" 200 158
192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /misc.php?mod=patch&action=ipnotice&_r=0.15455305205052006&inajax=1&ajaxtarget=ip_notice HTTP/1.1" 200 63
192.168.0.101 - - [21/Oct/2015:00:26:50 +0800] "GET /static/image/common/uploadbutton_small.png HTTP/1.1" 200 690
192.168.0.101 - - [21/Oct/2015:00:26:49 +0800] "GET /misc.php?mod=patch&action=pluginnotice&inajax=1&ajaxtarget=plugin_notice HTTP/1.1" 200 63
192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /data/cache/style_1_forum_post.css?pss HTTP/1.1" 200 7059

192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /static/image/hrline/line5.png HTTP/1.1" 200 528
192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /static/image/hrline/0.gif HTTP/1.1" 200 1013
192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /static/image/hrline/line4.png HTTP/1.1" 200 133
192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /static/image/hrline/line1.png HTTP/1.1" 200 164
192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /static/image/hrline/line9.png HTTP/1.1" 200 187
192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /static/image/hrline/5.gif HTTP/1.1" 200 1602
192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /static/image/hrline/line2.png HTTP/1.1" 200 711
192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /static/image/hrline/line7.png HTTP/1.1" 200 365
192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /static/image/hrline/2.gif HTTP/1.1" 200 3343
192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /misc.php?css=1_wysiwyg&pss HTTP/1.1" 200 559
192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /data/cache/style_1_forum_calendar.css?pss HTTP/1.1" 200 1161
192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /home.php?mod=misc&ac=sendmail&rand=1445358410 HTTP/1.1" 200 -
192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /home.php?mod=spacecp&ac=pm&op=checknewpm&rand=1445358410 HTTP/1.1" 200 -
192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /static/image/common/swfupload.swf?preventswfcaching=1445765219307 HTTP/1.1" 200 13536
192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /static/image/common/swfupload.swf?preventswfcaching=1445765219353 HTTP/1.1" 200 13536
192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /misc.php?mod=patch&action=checkpatch&rand=1445358410 HTTP/1.1" 200 -
192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /misc.php?mod=seccode&action=update&idhash=cSaG588y&0.2836799351813733&modid=forum::post HTTP/1.1" 200 1503
192.168.0.101 - - [21/Oct/2015:00:26:52 +0800] "GET /misc.php?mod=patch&action=ipnotice&_r=0.9286310464287497&inajax=1&ajaxtarget=ip_notice HTTP/1.1" 200 63
192.168.0.101 - - [21/Oct/2015:00:26:52 +0800] "GET /misc.php?mod=seccode&update=42232&idhash=cSaG588y HTTP/1.1" 200 158
192.168.0.101 - - [21/Oct/2015:00:26:51 +0800] "GET /forum.php?mod=relatekw&subjectenc=&messageenc=&inajax=1&ajaxtarget=tagselect HTTP/1.1" 200 63
192.168.0.101 - - [21/Oct/2015:00:26:52 +0800] "GET /misc.php?mod=patch&action=pluginnotice&inajax=1&ajaxtarget=plugin_notice HTTP/1.1" 200 63
192.168.0.101 - - [21/Oct/2015:00:26:57 +0800] "GET /forum.php?mod=relatekw&subjectenc=test&messageenc=&inajax=1&ajaxtarget=tagselect HTTP/1.1" 200 63
192.168.0.101 - - [21/Oct/2015:00:27:04 +0800] "GET /misc.php?mod=seccode&action=check&inajax=1&modid=forum::post&idhash=cSaG588y&secverify=cj6j HTTP/1.1" 200 70
192.168.0.101 - - [21/Oct/2015:00:27:06 +0800] "GET /misc.php?mod=seccode&action=check&inajax=1&modid=forum::post&idhash=cSaG588y&secverify=cj6j HTTP/1.1" 200 70
127.0.0.1 - - [21/Oct/2015:00:27:13 +0800] "OPTIONS * HTTP/1.0" 200 -
192.168.0.101 - - [21/Oct/2015:00:27:25 +0800] "POST /forum.php?mod=post&action=newthread&fid=2&extra=&topicsubmit=yes HTTP/1.1" 301 -
192.168.0.101 - - [21/Oct/2015:00:27:26 +0800] "GET /static/image/common/uploadbutton.png HTTP/1.1" 200 1391
192.168.0.101 - - [21/Oct/2015:00:27:26 +0800] "GET /static/image/common/uploadbutton.png HTTP/1.1" 200 1391
192.168.0.101 - - [21/Oct/2015:00:27:26 +0800] "GET /forum.php?mod=viewthread&tid=1&extra= HTTP/1.1" 200 32905
192.168.0.101 - - [21/Oct/2015:00:27:26 +0800] "GET /data/cache/style_1_forum_viewthread.css?pss HTTP/1.1" 200 46079

192.168.0.101 - - [21/Oct/2015:00:27:27 +0800] "GET /static/image/common/fastreply.gif HTTP/1.1" 200 608
192.168.0.101 - - [21/Oct/2015:00:27:27 +0800] "GET /static/image/common/swfupload.swf?preventswfcaching=1445765254727 HTTP/1.1" 200 13536
192.168.0.101 - - [21/Oct/2015:00:27:27 +0800] "GET /home.php?mod=misc&ac=sendmail&rand=1445358446 HTTP/1.1" 200 -
192.168.0.101 - - [21/Oct/2015:00:27:27 +0800] "GET /misc.php?mod=seccode&action=update&idhash=cSUsRRzX&0.7534482570377987&modid=forum::viewthread HTTP/1.1" 200 1515
192.168.0.101 - - [21/Oct/2015:00:27:27 +0800] "GET /home.php?mod=spacecp&ac=pm&op=checknewpm&rand=1445358446 HTTP/1.1" 200 -
192.168.0.101 - - [21/Oct/2015:00:27:27 +0800] "GET /misc.php?mod=patch&action=checkpatch&rand=1445358446 HTTP/1.1" 200 -
192.168.0.101 - - [21/Oct/2015:00:27:27 +0800] "GET /misc.php?mod=seccode&update=24492&idhash=cSUsRRzX HTTP/1.1" 200 158
192.168.0.101 - - [21/Oct/2015:00:27:27 +0800] "GET /misc.php?mod=patch&action=ipnotice&_r=0.2202783499608713&inajax=1&ajaxtarget=ip_notice HTTP/1.1" 200 63
192.168.0.101 - - [21/Oct/2015:00:27:27 +0800] "GET /misc.php?mod=patch&action=pluginnotice&inajax=1&ajaxtarget=plugin_notice HTTP/1.1" 200 63
127.0.0.1 - - [21/Oct/2015:00:27:35 +0800] "OPTIONS * HTTP/1.0" 200 -
192.168.0.101 - - [21/Oct/2015:00:31:40 +0800] "GET /admin.php HTTP/1.1" 200 2568
192.168.0.101 - - [21/Oct/2015:00:31:40 +0800] "GET /static/image/admincp/admincp.css HTTP/1.1" 200 33246
192.168.0.101 - - [21/Oct/2015:00:31:41 +0800] "GET /static/image/admincp/bg_login.gif HTTP/1.1" 200 475
192.168.0.101 - - [21/Oct/2015:00:31:41 +0800] "GET /static/image/admincp/login_title.gif HTTP/1.1" 200 3121
192.168.0.101 - - [21/Oct/2015:00:31:46 +0800] "POST /admin.php? HTTP/1.1" 302 -
192.168.0.101 - - [21/Oct/2015:00:31:46 +0800] "GET /admin.php? HTTP/1.1" 200 37555
192.168.0.101 - - [21/Oct/2015:00:31:47 +0800] "GET /static/image/admincp/admincp.css?pss HTTP/1.1" 200 33246
192.168.0.101

httpd的錯誤日誌

C:\Users\Name\Desktop\apache 2015-10-26 logs\error_log

[Mon Oct 12 13:02:20 2015] [notice] Digest: generating secret for digest authentication ...
[Mon Oct 12 13:02:20 2015] [notice] Digest: done
[Mon Oct 12 13:02:20 2015] [notice] Apache/2.2.27 (Unix) DAV/2 configured -- resuming normal operations
[Mon Oct 12 13:33:01 2015] [notice] SIGHUP received.  Attempting to restart
[Mon Oct 12 13:33:01 2015] [notice] Digest: generating secret for digest authentication ...
[Mon Oct 12 13:33:01 2015] [notice] Digest: done
[Mon Oct 12 13:33:01 2015] [notice] Apache/2.2.27 (Unix) DAV/2 configured -- resuming normal operations
[Mon Oct 12 13:35:43 2015] [error] [client 192.168.0.101] File does not exist: /usr/local/apache2/htdocs/favicon.ico
[Mon Oct 12 13:37:05 2015] [notice] SIGHUP received.  Attempting to restart
[Mon Oct 12 13:37:05 2015] [notice] Digest: generating secret for digest authentication ...
[Mon Oct 12 13:37:05 2015] [notice] Digest: done
[Mon Oct 12 13:37:05 2015] [notice] Apache/2.2.27 (Unix) DAV/2 PHP/5.3.28 configured -- resuming normal operations
[Mon Oct 12 13:38:23 2015] [notice] caught SIGTERM, shutting down
[Mon Oct 12 13:38:27 2015] [notice] Digest: generating secret for digest authentication ...
[Mon Oct 12 13:38:27 2015] [notice] Digest: done
[Mon Oct 12 13:38:27 2015] [notice] Apache/2.2.27 (Unix) DAV/2 PHP/5.3.28 configured -- resuming normal operations
[Mon Oct 12 13:38:53 2015] [error] [client 127.0.0.1] PHP Warning:  phpinfo() [<a href='function.phpinfo'>function.phpinfo</a>]: It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Asia/Chongqing' for 'CST/8.0/no DST' instead in /usr/local/apache2/htdocs/1.php on line 3
[Mon Oct 12 13:39:01 2015] [error] [client 192.168.0.101] PHP Warning:  phpinfo() [<a href='function.phpinfo'>function.phpinfo</a>]: It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Asia/Chongqing' for 'CST/8.0/no DST' instead in /usr/local/apache2/htdocs/1.php on line 3
[Mon Oct 12 13:39:02 2015] [error] [client 192.168.0.101] File does not exist: /usr/local/apache2/htdocs/favicon.ico
[Mon Oct 12 13:43:21 2015] [notice] caught SIGTERM, shutting down
[Wed Oct 21 00:13:39 2015] [notice] Digest: generating secret for digest authentication ...
[Wed Oct 21 00:13:39 2015] [notice] Digest: done
[Wed Oct 21 00:13:39 2015] [notice] Apache/2.2.27 (Unix) DAV/2 PHP/5.3.28 configured -- resuming normal operations
[Wed Oct 21 00:26:51 2015] [error] [client 192.168.0.101] File does not exist: /data/www/static/js/common_postimg.js, referer: http://www.123.com/forum.php?mod=post&action=newthread&fid=2
[Wed Oct 21 01:24:54 2015] [notice] SIGHUP received.  Attempting to restart
[Wed Oct 21 01:24:54 2015] [notice] Digest: generating secret for digest authentication ...
[Wed Oct 21 01:24:54 2015] [notice] Digest: done
[Wed Oct 21 01:24:54 2015] [notice] Apache/2.2.27 (Unix) DAV/2 PHP/5.3.28 configured -- resuming normal operations
[Wed Oct 21 01:34:30 2015] [notice] SIGHUP received.  Attempting to restart
[Wed Oct 21 01:34:30 2015] [notice] Digest: generating secret for digest authentication ...
[Wed Oct 21 01:34:30 2015] [notice] Digest: done
[Wed Oct 21 01:34:30 2015] [notice] Apache/2.2.27 (Unix) DAV/2 PHP/5.3.28 configured -- resuming normal operations
[Wed Oct 21 01:44:44 2015] [notice] SIGHUP received.  Attempting to restart
[Wed Oct 21 01:44:44 2015] [notice] Digest: generating secret for digest authentication ...

vhosts訪問日誌

C:\Users\Name\Desktop\apache 2015-10-26 logs\www.123.com-access_20151021.log
192.168.0.122 - - [21/Oct/2015:02:12:18 +0800] "GET /admin.php HTTP/1.1" 403 211 "http://www.123.com/forum.php?mod=viewthread&tid=1&extra=" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)"
192.168.0.122 - - [21/Oct/2015:02:12:18 +0800] "GET /admin.php HTTP/1.1" 403 211 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)"

vhosts錯誤日誌

www.123.com-error_20151021
[Wed Oct 21 01:35:23 2015] [error] [client 127.0.0.1] File does not exist: /data/www/1jpeg
[Wed Oct 21 01:45:49 2015] [error] [client 127.0.0.1] client denied by server configuration: /data/www/1.txt, referer: http://www.baidu.com/sdfsdf
[Wed Oct 21 02:12:18 2015] [error] [client 192.168.0.122] client denied by server configuration: /data/www/admin.php, referer: http://www.123.com/forum.php?mod=viewthread&tid=1&extra=
[Wed Oct 21 02:12:18 2015] [error] [client 192.168.0.122] client denied by server configuration: /data/www/admin.php
[Wed Oct 21 02:12:28 2015] [error] [client 192.168.0.122] client denied by server configuration: /data/www/admin.php, referer: http://www.123.com/forum.php
[Wed Oct 21 02:12:28 2015] [error] [client 192.168.0.122] client denied by server configuration: /data/www/admin.php
[Wed Oct 21 02:13:24 2015] [error] [client 192.168.0.122] client denied by server configuration: /data/www/admin.php, referer: http://www.123.com/forum.php?mod=viewthread&tid=1&extra=page%3D1
[Wed Oct 21 02:13:24 2015] [error] [client 192.168.0.122] client denied by server configuration: /data/www/admin.php
[Wed Oct 21 02:14:48 2015] [error] [client 192.168.0.106] client denied by server configuration: /data/www/admin.php
[Wed Oct 21 04:04:35 2015] [error] [client 192.168.0.133] client denied by server configuration: /data/www/admin.php, referer: http://www.123.com/forum.php?mod=forumdisplay&fid=2
[Wed Oct 21 04:04:35 2015] [error] [client 192.168.0.133] client denied by server configuration: /data/www/admin.php
[Wed Oct 21 04:04:51 2015] [error] [client 192.168.0.133] client denied by server configuration: /data/www/admin.php
[Wed Oct 21 04:04:51 2015] [error] [client 192.168.0.133] client denied by server configuration: /data/www/admin.php

安裝centos的時候必定要最小化安裝，不然會默認安裝上rpm版的apache

rpm -qa |grep httpd ，公司臺機不是最小化安裝

騰訊雲也是已經安裝rpm版httpd

擴展閱讀

http://zhidao.baidu.com/link?url=wXZsevUwcgavOX6Sc3eBDHlA2ApifsdEvL4wBHYxODCmaK3VIFLFuDMecjhZZuVJPYJVou2zhHtnBRXeKTtRMa
http://www.server110.com/apache/201310/1984.html

/usr/local/apache/bin/apachectl -k start 啓動apache服務是 -k 是什麼意思呢？請大俠幫助，謝謝！

是源於UNIX的kill命令向運行中的進程發送信號。

apache官方的解釋以下：

爲了中止或者從新啓動Apache ，必須向正在運行的httpd進程發送信號。有兩種發送信號的方法。第一種方法是直接使用UNIX的kill命令向運行中的進程發送信號。也許你會注意到你的系統裏運行着不少httpd進程。但你不該該直接對它們中的任何一個發送信號，而只要對已經在PidFile中記載下了自身PID的父進程發送信號。也就是說，你沒必要對父進程之外的任何進程發送信號。你能夠向父進程發送三種信號：TERM、HUP、USR1 。
你能夠用下面這樣的命令來向父進程發送信號：
kill -TERM `cat /usr/local/apache2/logs/httpd.pid`
第二種方法是使用下面將要描述的httpd二進制可執行文件的 -k 命令行選項：stop、restart、graceful、graceful-stop 。
不過推薦你使用apachectl控制腳原本向httpd二進制可執行文件傳遞這些選項。
當你向httpd發送信號後，你能夠這樣來讀取它的進行過程：

tail -f /usr/local/apache2/logs/error_log

好比--當即中止
使用信號：TERM
apachectl -k stop發送TERM或stop信號到父進程可使它馬上殺死全部子進程。這將花費一些時間來殺死全部子進程。而後父進程本身也退出。全部進行中的請求將被強行停止，並且再也不接受其它請求。

其實在man httpd有這樣一個介紹
-k start|restart|graceful|stop|graceful-stop
Signals httpd to start, restart, or stop. See Stopping Apache for more information.

apachectl是Apache HTTP服務器的前端程序。其設計意圖是幫助管理員控制Apache httpd後臺守護進程。
apachectl腳本有兩種操做模式。

一、首先，做爲簡單的httpd的前端程序，設置全部必要的環境變量，而後啓動httpd ，並傳遞全部的命令行參數。

二、其次，做爲SysV初始化腳本，接受簡單的一個單詞的參數，如：start, restart, stop ，並把他們翻譯爲適當的信號發送給httpd

。
若是你的Apache安裝在非標準的路徑中，你將須要修改apachectl腳本使其中的路徑正確地指向httpd程序。此外，還能夠指定任何須要的httpd命令行參數。細節能夠參見腳本中的註解。
apachectl腳本若是執行成功，則返回0 ；若是出錯，則其返回值>0 。更多細節能夠參見腳本中的註解。

在扮演傳遞角色時，apachectl能夠接受對httpd程序有效的全部參數。
apachectl [ httpd-argument ]

在SysV初始化模式中，apachectl只接受簡單的一個單詞的命令，以下：
apachectl command

下列僅說明了SysV初始化類型的選項，其餘參數的說明見httpd手冊頁。

start
啓動Apache httpd後臺守護進程。若是已經啓動，則產生一個錯誤。它等價於 apachectl -k start 。
stop
中止Apache httpd後臺守護進程。它等價於 apachectl -k stop 。
restart
從新啓動Apache httpd後臺守護進程。若是守護進程還沒有運行，則啓動它。在從新啓動守護進程以前，此命令會使用configtest自動檢查配置文件，以確保Apache不會死掉。它等價於 apachectl -k restart 。
fullstatus
顯示由mod_status提供的完整的狀態報告。要使用這個功能，須要啓用服務器上的mod_status模塊，而且系統中有一個基於文本的瀏覽器，如lynx 。修改腳本中的STATUSURL變量，能夠修改訪問狀態報告的URL 。
status
顯示一個簡要的狀態報告。它相似於fullstatus選項，可是省略了正在處理的請求的列表。
graceful
優雅地從新啓動Apache httpd後臺守護進程。若是守護進程還沒有啓動，則啓動它。它和標準從新啓動的不一樣之處在於：不會中斷當前已經打開的鏈接，也不會當即關閉日誌。這意味着，若是在日誌滾動腳本使用它，則在處理日誌以前必須加入一個實實在在的延遲，以確保老的日誌文件在被處理前已經關閉。在從新啓動守護進程以前，此命令會使用configtest自動檢查配置文件，以確保Apache不會死掉。它等價於 apachectl -k graceful 。
graceful-stop
優雅地中止Apache httpd後臺守護進程。它和標準中止的不一樣之處在於：不會中斷當前已經打開的鏈接，也不會當即關閉日誌。它等價於 apachectl -k graceful-stop 。
configtest
執行一次配置文件語法檢查。它解析配置文件，並報告 Syntax Ok 或者是特定的語法錯誤詳細信息。它等價於 apachectl -t 。
下列選項僅在早期版本中使用，如今已經被廢棄了。
startssl
以支持SSL的方式啓動httpd ，你應當編輯配置文件，並在其中包含與SSL支持相關的指令，而後使用 apachectl start 啓動服務器。

僞靜態
http://baike.baidu.com/link?url=I-21EmJmbOmzvK6HuhS1-R39lITINPdgHPeIrSMiuf9PxRcryz8hSWX5E5FzkuZs8qihikAGQUifbQuZGdhOo4PSDZQg4k41dX2Xk6pvXsOHNpbHiaPXpi0pjC9JfMc2
僞靜態是相對真實靜態來說的，一般咱們爲了加強搜索引擎的友好面，都將文章內容生成靜態頁面，可是有的朋友爲了實時的顯示一些信息。或者還想運用動態腳本解決一些問題。不能用靜態的方式來展現網站內容。可是這就損失了對搜索引擎的友好面。怎麼樣在二者之間找個中間方法呢，這就產生了僞靜態技術。就是展現出來的是以html一類的靜態頁面形式，但實際上是用ASP一類的動態腳原本處理的。
用IIS的404錯誤處理機制來實現的。這個比rewrite技術要靈活的多。

這樣。用戶或蜘蛛看到的URL仍是他訪問的URL.而咱們對內容的處理上能夠用到了動態技術。這就是咱們想要的結果。說得簡單了一些。可是基本思路就是這樣了。

區別靜態
從URL結構以及頁面名稱看，僞靜態和靜態頁面是同樣的。僞靜態的頁面後綴能夠是html htm 或者是目錄格式
僞靜態只是改變了URL的表現形式，實際上仍是動態頁面
靜態頁面能夠節省服務器資源，而僞靜態嚴格說是增長服務器資源消耗的
總結，在SEO方面，僞靜態和靜態頁面的功能是相同的，可是僞靜態本質上仍是動態頁面，因此消耗資源是和動態頁面同樣的，並且由於Rewrite服務器還須要消耗額外的資源。

logstash的角色：shipper和indexer P83

logstash做爲無狀態的軟件，配合消息隊列系統，能夠作線性擴展，兩個消息隊列系統：kafka和redis

rsyslog P95
rsyslog從v6版本開始，設計了一套rainerscript做爲配置中的DSL
rsyslog從v7版本開始帶有omelasticsearch插件能夠直接寫入數據到elasticsearch集羣
rsyslog當前官方穩定版是v8

rpm -qa|grep syslog
rsyslog-5.8.10-10.el6_6.x86_64