LAMP ---Apache用戶認證、域名跳轉、Apache訪問日誌介紹······

Apache 默認虛擬主機配置

  • 一臺服務器能夠訪問多個網站,每一個網站都是一個虛擬主機
  • 概念:域名(主機名)、DNS、解析域名、hosts
  • 任何一個域名解析到這臺機器,均可以訪問的虛擬主機就是默認虛擬主機
  • vim /usr/local/apache2/conf/httpd.conf //搜索httpd-vhost,去掉#
  • vim /usr/local/apache2/conf/extra/httpd-vhosts.conf //改成以下
<VirtualHost *:80>
    DocumentRoot "/data/wwwroot/abc.com"
    ServerName abc.com
    ServerAlias www.abc.com www.123.com
    ErrorLog "logs/abc.com-error_log"
    CustomLog "logs/abc.com-access_log" common
</VirtualHost>

<VirtualHost *:80>
    DocumentRoot "111.com"
    ServerName 111.com 
    ServerAlias www.example.com
    ErrorLog "logs/111.com-error_log"
    CustomLog "logs/111.com-access_log" common
</VirtualHost>
  • /usr/local/apache2/bin/apachectl –tjavascript

  • /usr/local/apache2/bin/apachectl gracefulphp

  • mkdir -p /data/wwwroot/abc.comcss

  • mkdir -p/data/wwwroot/111.comhtml

  • vim /data/wwwroot/abc.com/index.phpjava

<?php
echo "abc.com";
?>
  • vim /data/wwwroot/111.com/index.php
<?php
echo "111.com";
?>

Apache用戶認證(針對目錄)

這個功能就是在用戶訪問網站的時候,須要輸入用戶密碼才能順利訪問。一些比較重要的站點或者網站後臺一般會加上用戶認證,目的是保證安全。python

1.虛擬主機的配置文件:

[root@xuexi-001 ~]# vi /usr/local/apache2/conf/extra/httpd-vhosts.conf 編輯配置文件linux

更改111.com的虛擬主機認證內容以下:apache

<VirtualHost *:80>
    DocumentRoot "/data/wwwroot/111.com"
    ServerName 111.com
    ServerAlias www.example.com
     <Directory /data/wwwroot/111.com> 
        AllowOverride AuthConfig 
        AuthName "111.com user auth" 
        AuthType Basic 
        AuthUserFile /data/.htpasswd  
        require valid-user    
    </Directory>
    ErrorLog "logs/111.com-error_log"
    CustomLog "logs/111.com-access_log" common
</VirtualHost>

註釋:vim

<Directory /data/wwwroot/111.com> //指定認證的目錄    

        AllowOverride AuthConfig //這個至關於打開認證的開關

        AuthName "111.com user auth" //自定義認證的名字,做用不大

        AuthType Basic //認證的類型,通常爲Basic,其餘類型阿銘沒用過

        AuthUserFile /data/.htpasswd  //指定密碼文件所在位置

        require valid-user //指定須要認證的用戶爲所有可用用戶

    </Directory>

2.Apache自帶命令htpasswd建立密碼文件

[root@xuexi-001 ~]# /usr/local/apache2/bin/htpasswd -c -m /data/.htpasswd guo
New password:      //新建密碼
Re-type new password:   //再次輸入密碼
Adding password for user guo


[root@xuexi-001 ~]# ls /data/.htpasswd  //查看建立密碼文件
/data/.htpasswd
[root@xuexi-001 ~]# cat /data/.htpasswd //查看生成用戶密碼
guo:$apr1$9HwvE/Zz$65C8zBbv0d3lViWpCpq2U/

再建立一個用戶並生成密碼文件windows

[root@xuexi-001 ~]# /usr/local/apache2/bin/htpasswd -c -m /data/.htpasswd laoshi
New password: 
Re-type new password: 
Adding password for user laoshi
[root@xuexi-001 ~]# ls /data/.htpasswd 
/data/.htpasswd
[root@xuexi-001 ~]# cat /data/.htpasswd 
laoshi:$apr1$xwJc0bq2$dRFFgywsDVUmP6Bf5bkXd1

備註:

須要注意的是,再次生成用戶密碼文件的時候不用加-c 若是加上-c 會將以前生成的密碼文件 .htpasswd 覆蓋

[root@xuexi-001 ~]# /usr/local/apache2/bin/htpasswd  -m /data/.htpasswd guo
New password: 
Re-type new password: 
Adding password for user guo
[root@xuexi-001 ~]# ls /data/.htpasswd 
/data/.htpasswd
[root@xuexi-001 ~]# cat /data/.htpasswd 
laoshi:$apr1$xwJc0bq2$dRFFgywsDVUmP6Bf5bkXd1
guo:$apr1$CnZW7fTB$IewDNgxjxk.EhQcTai5Lz0

說明:

-c:是建立;

-m:是指定md5加密類型;

指定用戶爲xie(PS:若是再次新增用戶,就不須要再加-c ,由於已經建立過密碼文件了);

3.測試語法和加載配置文件

[root@xuexi-001 ~]# /usr/local/apache2/bin/apachectl -t Syntax OK

[root@xuexi-001 ~]# /usr/local/apache2/bin/apachectl graceful

4.測試配置是否成功

[root@xuexi-001 ~]# curl -x192.168.5.130:80 111.com
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>Unauthorized</h1>
<p>This server could not verify that you
are authorized to access the document
requested.  Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
</body></html>

訪問111.com,出現401狀態碼,說明訪問的這個域名須要用戶認證。

在本地windows系統裏作hosts解析111.com ,C:\Windows\System32\drivers\etc,格式:192.168.5.130 111.com

定義完本地hosts後,用瀏覽器訪問111.com網站時就會出現用戶認證,用戶密碼就是剛纔增長的用戶和設置的密碼

5.使用curl -x輸入用戶名密碼訪問

[root@xuexi-001 ~]# curl -x192.168.5.130:80 -u guo:111111 111.com -I
HTTP/1.1 200 OK
Date: Wed, 27 Jun 2018 15:35:24 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.36
X-Powered-By: PHP/5.6.36
Content-Type: text/html; charset=UTF-8

說明:狀態碼變成200了,就是正常的,-u的做用是指定用戶和密碼。 -I 只顯示請求頭的信息

6.還能夠針對單個文件進行認證(針對文件)

修改虛擬主機配置文件

[root@xuexi-001 ~]# vi /usr/local/apache2/conf/extra/httpd-vhosts.conf 

<VirtualHost *:80>
    DocumentRoot "/data/wwwroot/111.com"
    ServerName 111.com
    ServerAlias www.example.com
     <FilesMatch 123.php>   
        AllowOverride AuthConfig
        AuthName "111.com user auth"
        AuthType Basic
        AuthUserFile /data/.htpasswd
        require valid-user
     </FilesMatch>
     ErrorLog "logs/111.com-error_log"
    CustomLog "logs/111.com-access_log" common
</VirtualHost>

[root@xuexi-001 ~]# /usr/local/apache2/bin/apachectl -t
Syntax OK
[root@xuexi-001 ~]# /usr/local/apache2/bin/apachectl graceful
<VirtualHost *:80>
    DocumentRoot "/data/wwwroot/111.com"
    ServerName 111.com
    ServerAlias www.example.com
     <FilesMatch 123.php>   //這裏改成制定爲文件,對123.php 文件作限制
        AllowOverride AuthConfig
        AuthName "111.com user auth"
        AuthType Basic
        AuthUserFile /data/.htpasswd
        require valid-user
     </FilesMatch>
     ErrorLog "logs/111.com-error_log"
    CustomLog "logs/111.com-access_log" common
</VirtualHost>

在111.com目錄下編輯建立測試文件123.php

[root@xuexi-001 ~]# vi /data/wwwroot/111.com/123.php
<?php
echo"123.php";
?>
[root@xuexi-001 ~]# /usr/local/apache2/bin/apachectl -t
Syntax OK
[root@xuexi-001 ~]# /usr/local/apache2/bin/apachectl graceful

用curl -x訪問:

[root@xuexi-001 ~]# curl -x192.168.5.130:80 111.com -I //不用-u加用戶和密碼了,也能夠訪問,出現200狀態碼 
HTTP/1.1 200 OK
Date: Wed, 27 Jun 2018 16:03:00 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.36
X-Powered-By: PHP/5.6.36
Content-Type: text/html; charset=UTF-8

[root@xuexi-001 ~]# curl -x192.168.5.130:80 111.com/123.php -I  //可是訪問文件123.php時就出現401了,說明須要用戶認證了
HTTP/1.1 401 Unauthorized
Date: Wed, 27 Jun 2018 16:04:40 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.36
WWW-Authenticate: Basic realm="111.com user auth"
Content-Type: text/html; charset=iso-8859-1


[root@xuexi-001 ~]# curl -x192.168.5.130:80 -u guo:111111  111.com/123.php -I   //只有用-u加用戶和密碼才能正常訪問123.php。
HTTP/1.1 200 OK
Date: Wed, 27 Jun 2018 16:05:34 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.36
X-Powered-By: PHP/5.6.36
Content-Type: text/html; charset=UTF-8

[root@xuexi-001 ~]# curl -x192.168.5.130:80 -u guo:111111  111.com/123.php 
123.php[root@xuexi-001 ~]#
//使用用戶驗證後查看文件內容

域名跳轉

域名跳轉的做用有兩點:

1.若是某個域名再也不使用了,可是搜索引擎還留着以前的老域名的連接,這意味着用戶可能會搜到咱們的網站而且點擊老的域名,固須要把老域名作個跳轉跳到新域名,這樣用戶搜的時候,也能夠訪問網站。

2.一個站點有多個域名會對SEO的排名有影響,若是把多個域名所有跳轉到一個指定的域名,這樣以這個域名爲中心,就能夠把權重集中在這個域名上,並給定義一個狀態碼爲301,301叫做永久重定向。

需求,把非111.com域名跳轉到111.com。

1.編輯虛擬主機配置文件

[root@xuexi-001 ~]# vi /usr/local/apache2/conf/extra/httpd-vhosts.conf

2.修改增長以下內容:

<VirtualHost *:80>

    DocumentRoot "/data/wwwroot/111.com"

    ServerName 111.com

    ServerAlias www.example.com  aabbcc.com

    <IfModule mod_rewrite.c> 

        RewriteEngine on  

        RewriteCond %{HTTP_HOST} !^111.com$  

        RewriteRule ^/(.*)$ http://111.com/$1 [R=301,L] 

     </IfModule>

</VirtualHost>
<IfModule mod_rewrite.c>  //須要mod_rewrite模塊支持
        RewriteEngine on   //打開rewrite功能        
        RewriteCond %{HTTP_HOST} !^111.com$  //定義rewrite的條件,主機名(域名)不是111.com知足條件      
        RewriteRule ^/(.*)$ http://111.com/$1 [R=301,L]
        //定義rewrite規則,當知足上面的條件時,這條規則纔會執行
     </IfModule>

3.檢測語法及從新加載配置:

[root@xuexi-001 ~]# /usr/local/apache2/bin/apachectl -t Syntax OK

[root@xuexi-001 ~]# /usr/local/apache2/bin/apachectl graceful

4.檢測apache是否加載了rewrite模塊:

[root@xuexi-001 ~]# /usr/local/apache2/bin/apachectl -M|grep -i rewrite

//若無該模塊,須要編輯配置文件httpd.conf,刪除rewrite_module (shared) 前面的#

[root@xuexi-001 ~]# vi /usr/local/apache2/conf/httpd.conf

#LoadModule rewrite_module modules/mod_rewrite.so

//進入配置文件,搜索rewrite,把前面#去掉

LoadModule rewrite_module modules/mod_rewrite.so

5.檢測語法及從新加載配置,查看加載模塊:

[root@xuexi-001 ~]# /usr/local/apache2/bin/apachectl -t Syntax OK

[root@xuexi-001 ~]# /usr/local/apache2/bin/apachectl graceful

6.測試

[root@xuexi-001 ~]# curl -x192.168.5.130:80 www.example.com -I
HTTP/1.1 301 Moved Permanently
Date: Wed, 27 Jun 2018 16:55:09 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.36
Location: http://111.com/
Content-Type: text/html; charset=iso-8859-1

[root@xuexi-001 ~]# curl -x192.168.5.130:80 aabbcc.com -I
HTTP/1.1 301 Moved Permanently
Date: Wed, 27 Jun 2018 16:55:19 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.36
Location: http://111.com/
Content-Type: text/html; charset=iso-8859-1

[root@xuexi-001 ~]# curl -x192.168.5.130:80 www.123456.com -I
HTTP/1.1 200 OK
Date: Wed, 27 Jun 2018 16:57:00 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.36
X-Powered-By: PHP/5.6.36
Content-Type: text/html; charset=UTF-8

[root@xuexi-001 ~]# curl -x192.168.5.130:80 111.com/asd/123/345  -I
HTTP/1.1 404 Not Found
Date: Wed, 27 Jun 2018 16:57:36 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.36
Content-Type: text/html; charset=iso-8859-1


[root@xuexi-001 ~]# vi /usr/local/apache2/conf/httpd.conf

 Require all granted 改成
 Require all denied
 
 [root@xuexi-001 ~]# vi /usr/local/apache2/conf/httpd.conf
[root@xuexi-001 ~]# /usr/local/apache2/bin/apachectl -t
Syntax OK
[root@xuexi-001 ~]# /usr/local/apache2/bin/apachectl graceful
[root@xuexi-001 ~]# curl -x192.168.5.130:80 111.com/asd/123/345  -I
HTTP/1.1 403 Forbidden
Date: Wed, 27 Jun 2018 17:05:20 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.36
Content-Type: text/html; charset=iso-8859-1

說明:

-I 不顯示訪問內容,只看狀態碼

404 這個頁面不存在

301 永久跳轉

401 用戶密碼驗證,密碼驗證不對就401,驗證對了就200

403 把granted改爲denied就會403

Apache訪問日誌

訪問日誌的做用很大,不只能夠記錄網站的訪問日誌,還能夠在網站有異常發生時幫助咱們定位問題,好比有***時,是能夠經過查看日誌看到一些規律的.日誌記錄了不少系統的信息,經過讀日誌,能夠找到系統問題的緣由。而日誌有不一樣的格式,分爲common和combined,combined能夠記錄更多的信息。

1.查看默認配置文件日誌

[root@xuexi-001 ~]# ls /usr/local/apache2/logs/
111.com-access_log  abc.com-access_log  access_log
111.com-error_log   abc.com-error_log   error_log
[root@xuexi-001 ~]# ls /usr/local/apache2/logs/111.com-access_log 
/usr/local/apache2/logs/111.com-access_log
[root@xuexi-001 ~]# cat /usr/local/apache2/logs/111.com-access_log 
192.168.5.130 - - [27/Jun/2018:22:39:20 +0800] "GET HTTP://www.example.com/ HTTP/1.1" 200 7
192.168.5.130 - - [27/Jun/2018:22:40:40 +0800] "GET HTTP://111.com/ HTTP/1.1" 200 7
192.168.5.130 - - [27/Jun/2018:22:40:50 +0800] "GET HTTP://111.com/ HTTP/1.1" 200 7
192.168.5.130 - - [27/Jun/2018:22:41:21 +0800] "GET HTTP://www.example.com/ HTTP/1.1" 200 7
192.168.5.130 - - [27/Jun/2018:23:27:11 +0800] "GET HTTP://111.com/ HTTP/1.1" 401 381
192.168.5.1 - - [27/Jun/2018:23:29:43 +0800] "GET /favicon.ico HTTP/1.1" 401 381
192.168.5.1 - - [27/Jun/2018:23:29:44 +0800] "GET / HTTP/1.1" 401 381
192.168.5.1 - - [27/Jun/2018:23:29:45 +0800] "GET / HTTP/1.1" 401 381
192.168.5.1 - guo [27/Jun/2018:23:29:55 +0800] "GET / HTTP/1.1" 200 7
192.168.5.1 - guo [27/Jun/2018:23:29:55 +0800] "GET /favicon.ico HTTP/1.1" 404 209
192.168.5.1 - - [27/Jun/2018:23:30:08 +0800] "GET / HTTP/1.1" 401 381
192.168.5.1 - - [27/Jun/2018:23:31:22 +0800] "GET /favicon.ico HTTP/1.1" 401 381
192.168.5.130 - guo [27/Jun/2018:23:33:18 +0800] "GET HTTP://111.com/ HTTP/1.1" 200 7
192.168.5.130 - guo [27/Jun/2018:23:33:33 +0800] "GET HTTP://111.com/ HTTP/1.1" 200 7
192.168.5.130 - guo [27/Jun/2018:23:35:05 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 200 -
192.168.5.130 - guo [27/Jun/2018:23:35:24 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 200 -
192.168.5.130 - guo [27/Jun/2018:23:41:32 +0800] "GET HTTP://111.com/ HTTP/1.1" 200 7
192.168.5.130 - guo [27/Jun/2018:23:41:38 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 200 -
192.168.5.130 - - [28/Jun/2018:00:03:00 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 200 -
192.168.5.130 - - [28/Jun/2018:00:04:40 +0800] "HEAD HTTP://111.com/123.php HTTP/1.1" 401 -
192.168.5.130 - guo [28/Jun/2018:00:05:34 +0800] "HEAD HTTP://111.com/123.php HTTP/1.1" 200 -
192.168.5.130 - guo [28/Jun/2018:00:06:16 +0800] "GET HTTP://111.com/123.php HTTP/1.1" 200 7
127.0.0.1 - - [28/Jun/2018:00:46:52 +0800] "HEAD http://111.com/adfjadfa/adfdafadfaf HTTP/1.1" 404 -
192.168.5.130 - - [28/Jun/2018:00:49:20 +0800] "HEAD HTTP://www.example.com/ HTTP/1.1" 301 -
192.168.5.1 - - [28/Jun/2018:00:50:49 +0800] "GET /favicon.ico HTTP/1.1" 404 209
192.168.5.1 - - [28/Jun/2018:00:50:52 +0800] "GET / HTTP/1.1" 200 7
192.168.5.1 - - [28/Jun/2018:00:50:52 +0800] "GET /favicon.ico HTTP/1.1" 404 209
192.168.5.1 - - [28/Jun/2018:00:51:04 +0800] "GET /1.php HTTP/1.1" 404 203
192.168.5.1 - - [28/Jun/2018:00:51:04 +0800] "GET /favicon.ico HTTP/1.1" 404 209
192.168.5.1 - - [28/Jun/2018:00:51:22 +0800] "GET /123.php HTTP/1.1" 200 7
192.168.5.1 - - [28/Jun/2018:00:51:22 +0800] "GET /favicon.ico HTTP/1.1" 404 209
192.168.5.130 - - [28/Jun/2018:00:53:27 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 200 -
192.168.5.130 - - [28/Jun/2018:00:55:09 +0800] "HEAD HTTP://www.example.com/ HTTP/1.1" 301 -
192.168.5.130 - - [28/Jun/2018:00:55:19 +0800] "HEAD HTTP://aabbcc.com/ HTTP/1.1" 301 -
192.168.5.130 - - [28/Jun/2018:00:57:36 +0800] "HEAD HTTP://111.com/asd/123/345 HTTP/1.1" 404 -
192.168.5.130 - - [28/Jun/2018:01:05:20 +0800] "HEAD HTTP://111.com/asd/123/345 HTTP/1.1" 403 -
192.168.5.130 - - [28/Jun/2018:01:06:07 +0800] "HEAD HTTP://111.com/asd/123/345 HTTP/1.1" 404 -

2.介紹日誌配置文件格式

[root@xuexi-001 ~]# vi /usr/local/apache2/conf/httpd.conf
LogLevel warn

<IfModule log_config_module>
    #
    # The following directives define some format nicknames for use with
    # a CustomLog directive (see below).
    #
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common

    <IfModule logio_module>
      # You need to enable mod_logio.c to use %I and %O
      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    </IfModule>

訪問日誌記錄用戶的每個請求說明以下:

%h:爲訪問網站的IP;

%l:爲訪問遠程登陸名,這個字段基本上爲"-";

%u:爲用戶名,當使用用戶認證時,這個字段爲認證的用戶名;

%t:爲時間;

%r:爲請求的動做(好比用ctrl-I是就爲HEADE);

%s:爲請求的狀態,寫成%>s爲最後的狀態碼;

%b:爲傳輸數據大小;

%{Referer}i:爲referer信息(請求本次地址上一次的地址就爲referer,好比在百度中搜索阿銘linux,而後經過百度的搜索結果頁面點擊而後到了阿名的論壇,那訪問阿銘的論壇的此次請求的referer就是baidu,固然那個地址確定是很長的);

%{User-Agent}i:爲瀏覽器標識,好比你用Firefox或者Chrome瀏覽器,則該字段顯示內容不同,是帶有瀏覽器的標識的。

3.定義虛擬主機配置文本日誌格式:

[root@xuexi-001 ~]# vi /usr/local/apache2/conf/extra/httpd-vhosts.conf
把common日誌格式格式改爲combined日誌格式,示例以下:

ErrorLog "logs/111.com-error_log"
    CustomLog "logs/111.com-access_log" combined

4.測試語法及從新加載配置

[root@xuexi-001 ~]# /usr/local/apache2/bin/apachectl -t
Syntax OK
[root@xuexi-001 ~]# /usr/local/apache2/bin/apachectl graceful

5.作幾個操做命令後查看日誌

iptables -I INPUT -p tcp --dport 80 -j ACCEPT // 臨時打開80端口

[root@xuexi-001 ~]# curl -x 192.168.5.130:80 http://111.com/123.php -I
HTTP/1.1 200 OK
Date: Thu, 28 Jun 2018 15:08:27 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.36
X-Powered-By: PHP/5.6.36
Content-Type: text/html; charset=UTF-8


[root@xuexi-001 ~]# curl -x 192.168.5.130:80 http://111.com/123.php -I
HTTP/1.1 200 OK
Date: Thu, 28 Jun 2018 15:08:47 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.36
X-Powered-By: PHP/5.6.36
Content-Type: text/html; charset=UTF-8


[root@xuexi-001 ~]# tail  /usr/local/apache2/logs/111.com-access_log 
192.168.5.130 - - [28/Jun/2018:23:08:27 +0800] "HEAD http://111.com/123.php HTTP/1.1" 200 - "-" "curl/7.29.0"
192.168.5.130 - - [28/Jun/2018:23:08:47 +0800] "HEAD http://111.com/123.php HTTP/1.1" 200 - "-" "curl/7.29.0"

訪問日誌不記錄靜態文件

網站大多元素爲靜態文件,如圖片、css、js等,這些元素能夠不用記錄

將一下內容拷貝至虛擬主機配置文件 /usr/local/apache2/conf/extra/httpd-vhosts.conf

  • SetEnvIf Request_URI ".*.gif$" img
  • SetEnvIf Request_URI ".*.jpg$" img
  • SetEnvIf Request_URI ".*.png$" img
  • SetEnvIf Request_URI ".*.bmp$" img
  • SetEnvIf Request_URI ".*.swf$" img
  • SetEnvIf Request_URI ".*.js$" img
  • SetEnvIf Request_URI ".*.css$" img CustomLog "logs/123.com-access_log" combined env=!img

1.修改配置文件

[root@xuexi-001 ~]# vi /usr/local/apache2/conf/extra/httpd-vhosts.conf 

 ErrorLog "logs/111.com-error_log"
    SetEnvIf Request_URI ".*\.gif$" img
    SetEnvIf Request_URI ".*\.jpg$" img 
    SetEnvIf Request_URI ".*\.png$" img
    SetEnvIf Request_URI ".*\.bmp$" img
    SetEnvIf Request_URI ".*\.swf$" img
    SetEnvIf Request_URI ".*\.js$" img
    SetEnvIf Request_URI ".*\.css$" img
    CustomLog "logs/111.com-access_log" combined  env=!img

2.測試語法及從新加載配置

[root@xuexi-001 ~]# /usr/local/apache2/bin/apachectl -t
Syntax OK
[root@xuexi-001 ~]# /usr/local/apache2/bin/apachectl graceful

3.測試記錄日誌文件,訪問後綴jpg、gif、png、bmp、swf、js、css的文件不被記錄,後綴爲jpg1等不包括以上後綴名的會被記錄

[root@xuexi-001 ~]# curl -x 192.168.5.130:80 111.com/123.jpg1 -I
HTTP/1.1 404 Not Found
Date: Thu, 28 Jun 2018 15:45:29 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.36
Content-Type: text/html; charset=iso-8859-1

[root@xuexi-001 ~]# tail /usr/local/apache2/logs/111.com-access_log 
192.168.5.130 - - [28/Jun/2018:00:55:09 +0800] "HEAD HTTP://www.example.com/ HTTP/1.1" 301 -
192.168.5.130 - - [28/Jun/2018:00:55:19 +0800] "HEAD HTTP://aabbcc.com/ HTTP/1.1" 301 -
192.168.5.130 - - [28/Jun/2018:00:57:36 +0800] "HEAD HTTP://111.com/asd/123/345 HTTP/1.1" 404 -
192.168.5.130 - - [28/Jun/2018:01:05:20 +0800] "HEAD HTTP://111.com/asd/123/345 HTTP/1.1" 403 -
192.168.5.130 - - [28/Jun/2018:01:06:07 +0800] "HEAD HTTP://111.com/asd/123/345 HTTP/1.1" 404 -
comdined
comdined
192.168.5.130 - - [28/Jun/2018:23:08:27 +0800] "HEAD http://111.com/123.php HTTP/1.1" 200 - "-" "curl/7.29.0"
192.168.5.130 - - [28/Jun/2018:23:08:47 +0800] "HEAD http://111.com/123.php HTTP/1.1" 200 - "-" "curl/7.29.0"
192.168.5.130 - - [28/Jun/2018:23:45:29 +0800] "HEAD HTTP://111.com/123.jpg1 HTTP/1.1" 404 - "-" "curl/7.29.0"
[root@xuexi-001 ~]# curl -x 192.168.5.130:80 111.com/123.jpg -I
HTTP/1.1 404 Not Found
Date: Thu, 28 Jun 2018 15:47:30 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.36
Content-Type: text/html; charset=iso-8859-1

[root@xuexi-001 ~]# tail /usr/local/apache2/logs/111.com-access_log 
192.168.5.130 - - [28/Jun/2018:00:55:09 +0800] "HEAD HTTP://www.example.com/ HTTP/1.1" 301 -
192.168.5.130 - - [28/Jun/2018:00:55:19 +0800] "HEAD HTTP://aabbcc.com/ HTTP/1.1" 301 -
192.168.5.130 - - [28/Jun/2018:00:57:36 +0800] "HEAD HTTP://111.com/asd/123/345 HTTP/1.1" 404 -
192.168.5.130 - - [28/Jun/2018:01:05:20 +0800] "HEAD HTTP://111.com/asd/123/345 HTTP/1.1" 403 -
192.168.5.130 - - [28/Jun/2018:01:06:07 +0800] "HEAD HTTP://111.com/asd/123/345 HTTP/1.1" 404 -
comdined
comdined
192.168.5.130 - - [28/Jun/2018:23:08:27 +0800] "HEAD http://111.com/123.php HTTP/1.1" 200 - "-" "curl/7.29.0"
192.168.5.130 - - [28/Jun/2018:23:08:47 +0800] "HEAD http://111.com/123.php HTTP/1.1" 200 - "-" "curl/7.29.0"
192.168.5.130 - - [28/Jun/2018:23:45:29 +0800] "HEAD HTTP://111.com/123.jpg1 HTTP/1.1" 404 - "-" "curl/7.29.0"

訪問日誌切割

  • 日誌一直記錄總有一天會把整個磁盤佔滿,因此有必要讓它自動切割,並刪除老的日誌文件
  • 把虛擬主機配置文件改爲以下:
<VirtualHost *:80>
    DocumentRoot "/data/wwwroot/www.123.com"
    ServerName www.123.com
    ServerAlias 123.com
   SetEnvIf Request_URI ".*\.gif$" img
    SetEnvIf Request_URI ".*\.jpg$" img
    SetEnvIf Request_URI ".*\.png$" img
    SetEnvIf Request_URI ".*\.bmp$" img
    SetEnvIf Request_URI ".*\.swf$" img
    SetEnvIf Request_URI ".*\.js$" img
    SetEnvIf Request_URI ".*\.css$" img 
    CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/123.com-access_%Y%m%d.log 86400" combined env=!img
</VirtualHost>
  • 從新加載配置文件 -t, graceful
  • ls /usr/local/apache2.4/logs

1.修改配置文件

[root@xuexi-001 ~]# vi /usr/local/apache2/conf/extra/httpd-vhosts.conf 
修改  CustomLog "logs/111.com-access_log" combined  env=!img

修改完後:
 CustomLog "|/usr/local/apache2/bin/rotatelogs -l logs/111.com-access_%Y%m%d.log 86400" combined  env=!img

說明:

|/usr/local/apache2/bin/rotatelogs // Apache 專門進行日誌切割的工具

-l // 指定按照CST 當前時間爲基準,若是不指定按照UTC 美國時間

111.com-access_%Y%m%d.log // 按照時間記錄 %Y%m%d 年月日命名

86400 // 按天生成 指定天天換算成秒 爲86400 秒

2.測試語法及從新加載配置

[root@xuexi-001 ~]# /usr/local/apache2/bin/apachectl -t
Syntax OK
[root@xuexi-001 ~]# /usr/local/apache2/bin/apachectl graceful

3.先進行訪問,纔會記錄文件。測試

[root@xuexi-001 ~]# ls /usr/local/apache2/logs/
111.com-access_log  abc.com-access_log  access_log  httpd.pid
111.com-error_log   abc.com-error_log   error_log

···目前尚未生成新的文件

訪問:

[root@xuexi-001 ~]# curl -x 192.168.5.130:80 111.com/123.php -I
HTTP/1.1 200 OK
Date: Thu, 28 Jun 2018 16:18:05 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.36
X-Powered-By: PHP/5.6.36
Content-Type: text/html; charset=UTF-8

[root@xuexi-001 ~]# ls /usr/local/apache2/logs/
111.com-access_20180629.log  111.com-error_log   abc.com-error_log  error_log
111.com-access_log           abc.com-access_log  access_log         httpd.pid

備註:

此時,須要作一個任務計劃,將超過多久的日誌文件進行刪除。

靜態元素過時時間

  • 瀏覽器訪問網站的圖片時會把靜態的文件緩存在本地電腦裏,這樣下次再訪問時就不用去遠程下載了
  • 增長配置
<IfModule mod_expires.c>
    ExpiresActive on  //打開該功能的開關
    ExpiresByType image/gif  "access plus 1 days"
    ExpiresByType image/jpeg "access plus 24 hours"
    ExpiresByType image/png "access plus 24 hours"
    ExpiresByType text/css "now plus 2 hour"
    ExpiresByType application/x-javascript "now plus 2 hours"
    ExpiresByType application/javascript "now plus 2 hours"
    ExpiresByType application/x-shockwave-flash "now plus 2 hours"
    ExpiresDefault "now plus 0 min"
</IfModule>
  • 須要expires_module
  • curl測試,看cache-control: max-age

1.修改配置文件

[root@xuexi-001 ~]# vi /usr/local/apache2/conf/extra/httpd-vhosts.conf 

<IfModule mod_expires.c>
    ExpiresActive on  
    ExpiresByType image/gif  "access plus 1 days"
    ExpiresByType image/jpeg "access plus 24 hours"
    ExpiresByType image/png "access plus 24 hours"
    ExpiresByType text/css "now plus 2 hour"
    ExpiresByType application/x-javascript "now plus 2 hours"
    ExpiresByType application/javascript "now plus 2 hours"
    ExpiresByType application/x-shockwave-flash "now plus 2 hours"
    ExpiresDefault "now plus 0 min"
</IfModule>

說明:打開mod_expires.c 過時時間模塊

[root@xuexi-001 ~]# vi /usr/local/apache2/conf/httpd.conf
#LoadModule expires_module modules/mod_expires.so
// 將上面這一行中的#去掉修改成:
LoadModule expires_module modules/mod_expires.so
[root@xuexi-001 ~]# /usr/local/apache2/bin/apachectl -M |grep expir
 expires_module (shared)

2.測試語法及從新加載配置

[root@xuexi-001 ~]# /usr/local/apache2/bin/apachectl -t
Syntax OK
[root@xuexi-001 ~]# /usr/local/apache2/bin/apachectl graceful

3.網頁測試

image

4.命令行下測試

[root@xuexi-001 ~]# curl -x192.168.5.130:80 111.com/baidu.jpg -I
HTTP/1.1 200 OK
Date: Thu, 28 Jun 2018 16:52:16 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.36
Last-Modified: Thu, 28 Jun 2018 16:33:20 GMT
ETag: "30ed-56fb64a095b87"
Accept-Ranges: bytes
Content-Length: 12525
Cache-Control: max-age=86400
Expires: Fri, 29 Jun 2018 16:52:16 GMT
Content-Type: image/jpeg
相關文章
相關標籤/搜索