¿Æ¼¼ÐÐÕß

ÐÐÕßѧԺ תÐÍ˽¶­»á ¿Æ¼¼ÐÐÕßרÌⱨµÀ Íøºì´óÕ½¿Æ¼¼ÐÐÕß

֪ʶ¿â

֪ʶ¿â °²È«µ¼º½

ÖÁ¶¥Íø°²È«ÆµµÀÓ¦Óð²È«¡¡¡¡Apache·þÎñÆ÷°²È«·À·¶

¡¡¡¡Apache·þÎñÆ÷°²È«·À·¶

  • ɨһɨ
    ·ÖÏíÎÄÕµ½Î¢ÐÅ

  • ɨһɨ
    ¹Ø×¢¹Ù·½¹«ÖÚºÅ
    ÖÁ¶¥Í·Ìõ

¡¡¡¡Apache·þÎñÆ÷×ßµ½ÄÇÀunix/linux¾Í¸úµ½ÄÇÀÕâ×ãÒÔ˵Ã÷ÔÚWEB·þÎñÆ÷ÁìÓòApacheµÄÓÅÁ¼ÐÔÄÜÓëÊг¡Õ¼ÓÐÂÊÕâ½ñÌ컥ÁªÍøµÄ´ó»·¾³Ï£¬web·þÎñÒѾ­³ÉΪ¹«Ë¾ÆóÒµ±Ø²»¿ÉÉÙµÄÒµÎñ£¬´ó¶àÊýµÄ°²È«ÎÊÌâÒ²¸úËæ¶øÀ´£¬¹¥»÷ÖصãҲתÒÆΪweb¹¥»÷£¬Ðí¶àwebÓëÆÄÓмÛÖµµÄ¿Í»§·þÎñÓëµç×ÓÉÌÒµ»î¶¯½áºÏÔÚÒ»Æð£¬ÕâÒ²ÊÇÎüÒý¶ñÒâ¹¥»÷ÖØÒªÔ­Òò¡£

À´Ô´£ºzdnetÕûÀí 2011Äê6ÔÂ6ÈÕ

¹Ø¼ü×Ö£º Web°²È« SQL

  • ÆÀÂÛ
  • ·ÖÏí΢²©
  • ·ÖÏíÓʼþ

¡¡¡¡Apache·þÎñÆ÷×ßµ½ÄÇÀunix/linux¾Í¸úµ½ÄÇÀÕâ×ãÒÔ˵Ã÷ÔÚWEB·þÎñÆ÷ÁìÓòApacheµÄÓÅÁ¼ÐÔÄÜÓëÊг¡Õ¼ÓÐÂÊÕâ½ñÌ컥ÁªÍøµÄ´ó»·¾³Ï£¬web·þÎñÒѾ­³ÉΪ¹«Ë¾ÆóÒµ±Ø²»¿ÉÉÙµÄÒµÎñ£¬´ó¶àÊýµÄ°²È«ÎÊÌâÒ²¸úËæ¶øÀ´£¬¹¥»÷ÖصãҲתÒÆΪweb¹¥»÷£¬Ðí¶àwebÓëÆÄÓмÛÖµµÄ¿Í»§·þÎñÓëµç×ÓÉÌÒµ»î¶¯½áºÏÔÚÒ»Æð£¬ÕâÒ²ÊÇÎüÒý¶ñÒâ¹¥»÷ÖØÒªÔ­Òò¡£

¡¡¡¡ÏÈÀ´Á˽âÏÂwebËùÃæÁٵݲȫ·çÏÕHTTP¾Ü¾ø·þÎñ¹¥»÷¹¥»÷Õßͨ¹ýijЩÊÖ¶Îʹ·þÎñÆ÷¾Ü¾ø¶ÔhttpÓ¦´ð£¬ÕâʹApache¶Ôϵͳ×ÊÔ´£¨cupʱ¼äÓëÄڴ棩ÐèÇó¾ÞÔö£¬×îÖÕÔì³Éϵͳ±äÂýÉõÖÁÍêȫ̱»¾£¬Apache·þÎñÆ÷×î´óµÄȱµãÊÇ£¬ËüµÄÆÕ±éÐÔʹËü³ÉΪÖÚʸ֮µÄ£¬Apache·þÎñÆ÷ÎÞʱÎ޿̲»Êܵ½DoS¹¥»÷Íþв£¬Ö÷ÒªÓÐϱ߼¸ÖÖ1.Êý¾Ý°üºéË®¹¥»÷Ò»ÖÖÖжϷþÎñÆ÷»ò±¾µØÍøÂçµÄ·½·¨ÊÇÊý¾Ý°üºéË®¹¥»÷£¬Ëüͨ³£Ê¹ÓÃinternet¿ØÖƱ¨ÎÄЭÒ飨ICMP£¬ÊôÓÚÍøÂç²ãЭÒ飩°ü»òÊÇudp°ü£¬ÔÚ×î¼òµ¥µÄÐÎʽÏ£¬ÕâЩ¹¥»÷¶¼ÊÇʹ·þÎñÆ÷»òÍøÂ縺ÔعýÖØ£¬ÕâÒâζÕâ¹¥»÷ÕßµÄÍøÂçËٶȱØÐë±ÈÄ¿±êÖ÷»úÍøÂçËÙ¶ÈÒª¿ì£¬Ê¹ÓÃudp°üµÄ ÓÅÊÆÊDz»»áÓÐÈκΰü·µ»Øµ½ºÚ¿ÍµÄ¼ÆËã»ú£¨udpЧÂÊÒª±Ètcp¸ß17±¶£©£¬¶øʹÓÃICMP°üµÄÓÅÊÆÊǹ¥»÷ÕßÄÜÈù¥»÷¸ü¼Ó¸»Óë±ä»¯£¬·¢ËÍÓÐȱÏݵİü»á¸ãÂÒ²¢ ËøסÊܺ¦ÕßµÄÍøÂ磬ĿǰÁ÷ÐеÄÇ÷ÊÆÊǹ¥»÷ÕßÆÛÆ­·þÎñÆ÷£¬ÈÃÆäÏàÐÅÕýÔÚÊÜÀ´×Ô×ÔÉíµÄºéË®¹¥»÷2.´ÅÅ̹¥»÷ÕâÊÇÒ»Öֺܲ»µÀµÂµÄ¹¥»÷£¬Ëü²»½öÓ°Ïì¼ÆËã»úµÄͨÐÅ£¬»¹ÆÆ»µÆäÓ²¼þ£¬Î±ÔìµÄÓû§ÇëÇóÀûÓÃдÃüÁî¹¥»÷Ä¿±ê¼ÆËã»úÓ²ÅÌ£¬ÈÃÆ䳬¹ý¼«ÏÞ£¬²¢Ç¿Öƹرգ¬½á¾ÖºÜ±¯²Ò3.·Óɲ»¿É´ïͨ³£DoS¹¥»÷£¬¼¯ÖÐÔÚ·ÓÉÆ÷ÉÏ£¬¹¥»÷ÕßÊ×ÏÈ»ñµÃ¿ØÖÆȨ²¢²Ù×ÝÄ¿±ê»úÆ÷£¬µ±¹¥»÷ÕßÄܸü¸Ä·ÓɱíÌõĿʱºò£¬»áµ¼ÖÂÕû¸öÍøÂçÎÞ·¨Í¨ÐÅ£¬ÕâÖÖ¹¥»÷ºÜÒõÏÕ£¬Òþ±Î£¬ÒòΪÍøÂç¹ÜÀíÔ±ÐèÒªÅųýµÄÍøÂ粻ͨԭÒòºÜ¶à£¬ÆäÖÐһЩԭÒòÐèÒªÏêϸ·Ö±æ4.·Ö²¼Ê½¾Ü¾ø·þÎñ¹¥»÷ÕâÒ²ÊÇ×î¾ßÓÐÍþвµÄDDoS¹¥»÷£¬Ãû³ÆºÜÈÝÒ×Àí½â£¬¼òµ¥Ëµ¾ÍÊÇȺŷ£¬ºÜ¶à¿Í»§»úͬʱµ¥Ìõ·þÎñÆ÷£¬Äã»á·¢ÏÖÄ㽫É˺ÛÀÛÀÛ£¬Apache·þÎñÆ÷ÌرðÈÝ Ò×Êܵ½¹¥»÷£¬ÎÞÂÛÊÇDDos»¹ÊÇÒþ²ØÀ´Ô´µÄ¹¥»÷£¬ÒòΪApacheÎÞ´¦²»ÔÚ£¬ÌرðÊÇΪApacheÌØÒâ´òÔìµÄ²¡¶¾£¨ÌØÑ¡SSLÈä³æ£©£¬Ç±·üÔÚÐí¶àÖ÷»úÉÏ£¬ ¹¥»÷Õßͨ¹ý²¡¶¾¿ÉÒÔ²Ù×Ý´óÁ¿±»¸ÐȾµÄ»úÆ÷£¬¶ÔÌض¨Ä¿±ê·¢¶¯Ò»´ÎºÆ´óµÄDDoS¹¥»÷£¬Í¨¹ý½«Èä³æÉ¢²¥µ½´óÁ¿Ö÷»ú£¬´ó¹æÄ£µÄµã¶Ôµã¹¥»÷µÃÒÔ½øÐУ¬³ý·ÇÄã²»Ìṩ ·þÎñ£¬Òª²»È»¼¸ºõÎÞ·¨×èÖ¹ÕâÑùµÄ¹¥»÷£¬ÕâÖÖ¹¥»÷ͨ³£»á¶¨Î»µ½´óÐ͵ÄÍøÕ¾ÉÏ¡£

¡¡¡¡»º³åÇøÒç³ö£¬ÕâÖÖ¹¥»÷ºÜÆձ飬¹¥»÷ÕßÀûÓÃCGI³ÌÐò±àдһЩȱÏݳÌÐòÆ«ÀëÕý³£µÄÁ÷³Ì£¬³ÌÐòʹÓþ²Ì¬µÄÄÚ´æ·ÖÅ䣬¹¥»÷Õ߾ͿÉÒÔ·¢ËÍÒ»¸ö³¬³¤µÄÇëÇóʹ»º³åÇøÒç³ö£¬±ÈÈ磬һЩperl±àдµÄ´¦ÀíÓû§ÇëÇóµÄÍø¹Ø½Å±¾£¬Ò»µ«»º³åÇøÒç³ö£¬¹¥»÷Õ߾ͿÉÒÔÖ´ÐжñÒâÖ¸Áî·Ç·¨»ñÈ¡rootȨÏÞÈç¹ûApacheÒÔrootȨÏÞÔËÐУ¬ÏµÍ³ÉÏһЩ³ÌÐòµÄÂß¼­È±ÏÝ»ò»º³åÇøÒç³ö©¶´£¬»áÈù¥»÷ÕߺÜÈÝÒ×ÔÚ±¾µØϵͳ»ñÈ¡linux·þÎñÆ÷ÉϵĹÜÀíÕßȨ ÏÞ£¬ÔÚһЩԶ³ÌÇé¿öÏ£¬¹¥»÷Õß»áÀûÓÃһЩÒÔrootÉí·ÝÖ´ÐеÄÓÐȱÏݵÄϵͳÊØ»¤½ø³ÌÀ´È¡µÃrootȨÏÞ£¬»òÀûÓÃÓÐȱÏݵķþÎñ½ø³Ì©¶´À´È¡µÃÆÕͨÓû§È¨ÏÞ£¬ ÒÔÔ¶³ÌµÇ½£¬½ø¶ø¿ØÖÆÕû¸öϵͳ¡£

¡¡¡¡Õâ±ßÕâЩ¶¼ÊÇ·þÎñ½«»áÓöµ½µÄ¹¥»÷ÊֶΣ¬Ï±ßÀ´Ëµ£¬ÈçºÎ´òÔ찲ȫµÄApache·þÎñÆ÷Èç¹ûÄãÄÜ×ñÊØϱßÕâЩ½¨Ò飬ÄÇôÄ㽫µÃµ½Ò»Ì¨Ïà¶Ô°²È«µÄapache·þÎñÆ÷Ò»£ºÇÚ´ò²¹¶¡Äã±ØÐëÒªÏàÐÅÕâ¸öÊÇ×îÓÐÓõÄÊֶΣ¬»º³åÇøÒç³öµÈ©¶´¶¼±ØÐëʹÓÃÕâÖÖÊÖ¶ÎÀ´·ÀÓù£¬ÇÚ¿ìµãÏàÐŶÔÄãûÓлµ´¦ÔÚhttp:www.apache.orgÉÏ×îеÄchangelogÖж¼Ð´ÓУºbug fix ,security bug fixµÄ×ÖÑù£¬×öΪ¸ºÔðÈεĹÜÀíÔ±Òª¾­³£¹Ø×¢Ïà¹Ø©¶´£¬¼°Ê±Éý¼¶ÏµÍ³Ìí¼Ó²¹¶¡¡£Ê¹ÓÃ×îа²È«°æ±¾¶Ô¼ÓÇ¿apacheÖÁ¹ØÖØÒª¶þ£ºÒþ²ØºÍαװApacheµÄ°æ±¾´òÂÒ¹¥»÷ÕߵIJ½Ö裬¸ø¹¥»÷Õß´øÀ´Âé·³£¬ÏàÐÅÊǹÜÀíÔ±Ô¸Òâ¿´µ½µÄ¡£Èí¼þµÄ©¶´ÐÅÏ¢ºÍ°æ±¾ÊÇÏà¹ØµÄ£¬ÔÚ¹¥»÷ÕßÊÕ¼¯Äã·þÎñÈí¼þÐÅϢʱºò¸øÓëÃÔ»óÊǸö²»´íµÄÑ¡Ôñ£¬ºÎ¿ö°æ±¾ºÅ£¬¶Ô¹¥»÷ÕßÀ´ËµÏ൱ÓëGPS¶¨Î»Ò»ÑùÖØҪĬÈÏÇé¿ö£¬ÏµÍ³»á°Ñapache°æ±¾Ä£¿é¶¼ÏÔʾ³öÀ´£¨http·µ»ØÍ·£©£¬Èç¹ûÁоÙĿ¼µÄ»°£¬»áÏÔʾÓòÃûÐÅÏ¢£¨ÎļþÁбíÕýÎÄ£©£¬È¥³ýApache°æ±¾ºÅµÄ·½·¨ÊÇÐÞ¸ÄÅäÖÃÎļþ£¬ÕÒµ½¹Ø¼ü×Ö,ÐÞ¸ÄΪϱßServerSignature offServerTokens prodͨ¹ý·ÖÎöweb·þÎñÆ÷ÀàÐÍ£¬´óÖ¿ÉÒÔÍƲâ²Ù×÷ϵͳÀàÐÍ£¬winʹÓÃiis,linuxÆÕ±éapache£¬Ä¬ÈϵÄApacheÅäÖÃÀïûÓÐÈκÎÐÅÏ¢±£ »¤»úÖÆ£¬²¢ÇÒÔÊÐíĿ¼ä¯ÀÀ£¬Í¨¹ýĿ¼ä¯ÀÀ£¬Í¨³£¿ÉÒԵõ½ÀàËÆ¡°apache/1.37 Server at apache.linuxforum.net Port 80¡±»ò¡°apache/2.0.49(unix)PHP/4.3.8¡±µÄÐÅϢͨ¹ýÐÞ¸ÄÅäÖÃÎļþÖеÄServerTokens²ÎÊý£¬¿ÉÒÔ½«ApacheµÄÏà¹ØÐÅÏ¢Òþ²ØÆðÀ´£¬Èç¹û²»ÐеĻ°£¬¿ÉÄÜÊÇÌáʾÐÅÏ¢±»±àÒëÔÚ³ÌÐòÀïÁË£¬ÒªÒþ²ØÐèÒªÐÞ¸ÄapacheµÄÔ´´úÂ룬ȻºóÖØбàÒë³ÌÐò£¬ÒÔÌæ»»ÄÚÈݱ༭ap_release.hÎļþ£¬ÐÞ¸Ä"#define AP_SERVER_BASEPRODUCT\"Apache\""Ϊ"#define AP_SERVER_BASEPRODUCT\"Microsoft-IIS/5.0\"±à¼­os/unix/os.hÎļþÐÞ¸Ä"#define PLATFORM\"Unix\""Ϊ"#define PLATFORM\'Win32"ÐÞ¸ÄÍê³Éºó£¬ÖØбàÒ룬°²×°apache,ÔÚÐÞ¸ÄÅäÖÃÎļþΪÉϱß×ö¹ýµÄ£¬ÔÙ´ÎÆô¶¯apacheºó£¬Óù¤¾ßɨÃ裬·¢ÏÖÌáʾÐÅÏ¢ÖÐÒѾ­ÏÔʾΪwindows²Ù×÷ϵͳÁË˳±ã˵Ï£¬ÏÖÔÚÕâ¸öÂÛ̳£¬¾ÍÓе㲻̫½²¾¿£¬ÕâÊÇÂÛ̳´íÎóµÄ·µ»ØÐÅÏ¢£¬¿´ÁËÓе㺹µØ¸Ð¾õApache/2.2.8 (Ubuntu) DAV/2 SVN/1.4.6 mod_ssl/2.2.8 OpenSSL/0.9.8g Server at forum.ubuntu.org.cn Port 80Õâ¸öµÈÓÚ¸æË߶ñÒâÓû§ºÜ¶àÓÐÓÃÐÅÏ¢£¬ËäȻ˵²»Ë㿪ÁËÃÅ£¬µ«µÈÓÚ±»¸æËßÁËÃÅÔÚÄÇÀ»¹ÊÇÏ൱ΣÏÕµÄÈý£º½¨Á¢°²È«µÄĿ¼½á¹¹apache·þÎñÆ÷°üÀ¨ËĸöĿ¼½á¹¹ServerRoot #±£´æÅäÖÃÎļþ£¬¶þ½øÖÆÎļþÓëÆäËû·þÎñÆ÷ÅäÖÃÎļþDocumentRoot #±£´æwebÕ¾µãÄÚÈÝ£¬°üÀ¨HTMLÎļþºÍͼƬµÈScripAlias #±£´æCGI½Å±¾Customlog ºÍ Errorlog #±£´æÈÕÖ¾ºÍ´íÎóÈÕÖ¾½¨ÒéµÄĿ¼½á¹¹Îª£¬ÒÔÉÏËÄÖÖĿ¼Ï໥¶ÀÁ¢²¢ÇÒ²»´æÔÚ¸¸×ÓÂß¼­¹Øϵע£º

¡¡¡¡ServerRootĿ¼ֻÄÜΪrootÓû§·ÃÎÊ

¡¡¡¡DocumentRootĿ¼Ӧ¸ÃÄܹ»±»¹ÜÀíwebÕ¾µãÄÚÈݵÄÓû§·ÃÎʺÍʹÓÃapache·þÎñÆ÷µÄapacheÓû§Óë×é·ÃÎÊScripAliasĿ¼Ӧ¸ÃÖ»Äܱ»CGI¿ª·¢ÈËÔ±ºÍapacheÓû§·ÃÎÊCustomlog ºÍ ErrorlogÖ»Äܱ»root·ÃÎÊϱßÊÇÒ»¸ö°²È«Ä¿Â¼½á¹¹µÄÊÂÀý+-------/etc/|| +----/http (ServerRoot)| +----/logs (Customlog ºÍ Errorlog)|+-------var/www|| +---/cgi-bin (ScripAlias)| +---/html (DocumentRoot)ÕâÑùµÄĿ¼½á¹¹ÊDZȽϰ²È«µÄ£¬ÒòΪĿ¼֮¼ä¶ÀÁ¢£¬Ä³¸öĿ¼ȨÏÞ´íÎó²»»áÓ°Ïìµ½ÆäËûĿ¼ËÄ£ºÎªapacheʹÓÃרÃŵÄÓû§Óë×é°´ÕÕ×îСÌØȨµÄÔ­Ôò£¬ÐèÒª¸øapache·ÖÅäÒ»¸öºÏÊʵÄȨÏÞ£¬ÈÃÆäÄܹ»Íê³Éweb·þÎñ×¢£º

¡¡¡¡×îСÌØȨԭÔòÊÇϵͳ°²È«ÖÐ×î»ù±¾µÄÔ­ÔòÖ®Ò»£¬ÏÞÖÆʹÓÃÕ߶Ôϵͳ¼°Êý¾Ý½øÐдæÈ¡ËùÐèÒªµÄ×îСȨÏÞ£¬±£Ö¤Óû§¿ÉÒÔÍê³ÉÈÎÎñ£¬Í¬Ê±Ò²È·±£±»ÇÔÈ¡»òÒì³£²Ù×÷ËùÔì³ÉµÄËðʧ±ØÐë±£Ö¤apacheʹÓÃÒ»¸öרÃŵÄÓû§Óë×飬²»ÒªÊ¹ÓÃϵͳԤ¶¨µÄÕÊ»§£¬±ÈÈçnobodyÓû§Óënogroup×éÒòΪֻÓÐrootÓû§¿ÉÒÔÔËÐÐapache£¬DocumentRootÓ¦¸ÃÄܹ»±»¹ÜÀíwebÕ¾µãÄÚÈݵÄÓû§·ÃÎʺÍʹÓÃapache·þÎñÆ÷µÄ apacheÓû§Óë×é·ÃÎÊ£¬ÀýÈ磬ϣÍû¡°test¡±Óû§ÔÚwebÕ¾µã·¢²¼ÄÚÈÝ£¬²¢ÇÒ¿ÉÒÔÒÔhttpdÉí·ÝÔËÐÐapache·þÎñÆ÷£¬¿ÉÒÔÕâÑùÉ趨groupadd webteamusermod -G webteam testchown -R httpd.webteam /www/htmlchmod -R 2570 /www/htdocsÖ»ÓÐrootÄÜ·ÃÎÊÈÕÖ¾£¬ÍƼöÕâÑùµÄȨÏÞchown -R root.root /etc/logschown -R 700 /etc/logsÎ壺webĿ¼µÄ·ÃÎʲßÂÔ¶ÔÓÚ¿ÉÒÔ·ÃÎʵÄwebĿ¼£¬ÒªÊ¹ÓÃÏà¶Ô±£ÊصÄ;¾¶½øÐзÃÎÊ£¬²»ÒªÈÃÓû§²é¿´ÈκÎĿ¼Ë÷ÒýÁбí½ûֹʹÓÃĿ¼Ë÷Òý£º

¡¡¡¡apacheÔÚ½Óµ½Óû§¶ÔÒ»¸öĿ¼µÄ·ÃÎÊʱ£¬»á²éÕÒDirectoryIndexÖ¸ÁîÖ¸¶¨µÄĿ¼Ë÷ÒýÎļþ£¬Ä¬ÈÏΪindex.html£¬Èç¹û¸ÃÎļþ²»´æÔÚ£¬ÄÇôapache»á´´½¨¶¯Ì¬ÁбíΪÓû§ÏÔʾ¸ÃĿ¼µÄÄÚÈÝ£¬ÕâÑù¾Í»á±©Â¶webÕ¾µã½á¹¹£¬Òò´ËÐèÒªÐÞ¸ÄÅäÖÃÎļþ½ûÖ¹ÏÔʾ¶¯Ì¬Ä¿Â¼Ë÷Òý£¬ÐÞ¸Ähttpd.confOptions -Indexes FollowSymLinksOptionsÖ¸Áî֪ͨapache½ûֹʹÓÃĿ¼Ë÷Òý£¬FollowSymLinks±íʾ²»ÔÊÐíʹÓ÷ûºÅÁ¬½Ó¡£

¡¡¡¡½ûֹĬÈÏ·ÃÎÊ£º

¡¡¡¡ÒªµÄ°²È«²ßÂÔ±ØÐëÒª½ûֹĬÈÏ·ÃÎʵĴæÔÚ£¬Ö»¶ÔÖ¸¶¨µÄĿ¼¿ª·ÅȨÏÞ£¬Èç¹ûÔÊÐí·ÃÎÊ/var/www/htmlĿ¼£¬Ê¹ÓÃÈçÏÂÉ趨Order deny,allowAllow from all½ûÖ¹Óû§ÖØÔØ£º

¡¡¡¡ÎªÁ˽ûÖ¹Óû§¶ÔĿ¼ÅäÖÃÎļþ£¨htaccess£©½øÐÐÖØÔØ£¨Ð޸ģ©£¬¿ÉÒÔÕâÑùÉ趨AllowOverride NoneÁù£ºapache·þÎñÆ÷·ÃÎÊ¿ØÖÆapacheµÄaccess.confÎļþ¸ºÔðÉèÖÃÎļþµÄ·ÃÎÊȨÏÞ£¬¿ÉÒÔʵÏÖ»¥ÁªÍøÓòÃûºÍipµØÖ·µÄ·ÃÎÊ¿ØÖÆÈçÔÊÐí192.168.1.1µ½192.168.1.254µÄÖ÷»ú·ÃÎÊ£¬¿ÉÒÔÕâÑùÉ趨order deny,allowdeny from allallow from pair 192.168.1.0/255.255.255.0Æߣºapache·þÎñÆ÷µÄÃÜÂë±£»¤.htaccessÎļþÊÇapacheÉϵÄÒ»¸öÉèÖÃÎļþ£¬ËüÊÇÒ»¸öÎı¾Îļþ£¬.htaccessÎļþÌṩÁËÕë¶ÔĿ¼¸Ä±äÅäÖõķ½·¨¼Èͨ¹ýÔÚÒ»¸öÌض¨µÄÎĵµÄ¿Â¼ÖзÅÖÃÒ»¸ö°üº¬Ò»¸ö»ò¶à¸öÖ¸ÁîµÄÎļþ£¨.htaccessÎļþ£©£¬ÒÔ×÷ÓÃÓÚ´ËĿ¼ºÍ×ÓĿ¼¡£

¡¡¡¡.htaccessµÄ¹¦ÄÜ°üÀ¨ÉèÖÃÍøÒ³ÃÜÂ룬ÉèÖ÷¢Éú´íÎóʱ³öÏÖµÄÎļþ£¬¸Ä±äÊ×ÒµµÄÎļþÃû£¨È磬index.html£©,½ûÖ¹¶ÁÈ¡ÎļþÃû£¬ÖØе¼ÏòÎļþ£¬¼ÓÉÏMIMEÀà±ð£¬½ûֹĿ¼ÏµÄÎļþµÈ¡£

¡¡¡¡×¢£º.htaccessÊÇÒ»¸öÍêÕûµÄÎļþÃû£¬²»ÊÇ***.htaccess»òÆäËû¸ñʽ£¬ÔÚ/abcĿ¼Ï·ÅÖÃÒ»¸ö.htaccessÎļþ£¬ÄÇô/abcÓëËüµÄ×ÓĿ¼¶¼»á±»Õâ¸öÎļþÓ°Ï죬µ«/index.html²»»á±»Ó°Ïì.htaccessµÄ½¨Á¢ºÍʹÓñȽϸ´Ôӵ㣬Èç¹û¸ÐÐËȤµÄÅóÓÑ¿ÉÒÔ»ØÌû·¢ÎÊ£¬ÕâÀï¾Í²» ¾ßÌåд³öÀ´ÁË£¬ÕâÖÖ±£»¤Òª±ÈijЩ³ÌÐòʵÏֵı£»¤°²È«£¬ÄÇÖÖ·½·¨¿ÉÒÔͨ¹ý±»²Â²â·½·¨»ñÈ¡ÃÜÂ룬ÓÃ.htaccessºÜÄѱ»Æƽ⣬µ«Îı¾·½Ê½µÄÑéÖ¤»á±È½ÏÂý£¬ ¶ÔÉÙÁ¿Óû§Ã»Ó°Ï죬µ«¶Ô´óÁ¿Óû§¾Í±ØÐëʹÓôøÊý¾ÝÄ£¿éµÄÑéÖ¤ÁË£¬ÕâÐèÒª±àÒëÔ´´úÂëʱºò¿ªÆôÄ£¿é£¬Ä¬ÈÏÊDz»¿ªÆôµÄ°Ë£ºÈÃapacheÔËÐÐÔÚ¡°¼àÀΡ±ÖС°¼àÀΡ±µÄÒâ˼ÊÇָͨ¹ýchroot»úÖÆÀ´¸ü¸Äij¸öÈí¼þÔËÐÐʱËùÄÜ¿´µ½µÄ¸ùĿ¼£¬¼òµ¥Ëµ£¬¾ÍÊDZ»ÏÞÖÆÔÚÖ¸¶¨Ä¿Â¼ÖУ¬±£Ö¤Èí¼þÖ»ÄܶԸÃĿ¼Óë×ÓĿ¼ÎļþÓÐËù¶¯×÷£¬´Ó¶ø±£Ö¤Õû¸ö·þÎñÆ÷µÄ°²È«£¬¼´Ê¹±»ÆÆ»µ»òÇÖÈ룬ËðÉËÒ²²»´óÒÔÇ°£¬unix/linuxÉϵÄdaemon¶¼ÊÇÒÔrootȨÏÞÆô¶¯µÄ£¬µ±Ê±£¬ÕâÊÇÒ»¼þÀíËùµ±È»µÄÊÂÇ飬ÏñapacheÕâÑùµÄ·þÎñÆ÷Èí¼þ£¬ÐèÒª°ó ¶¨µ½80¶Ë¿ÚÉÏÀ´¼àÌýÇëÇ󣬶ørootÊÇΨһÓÐÕâÖÖȨÏÞµÄÓû§£¬Ëæ׏¥»÷ÊֶκÍÇ¿¶ÈµÄÔö¼Ó£¬ÕâÑù»áʹ·þÎñÆ÷Êܵ½Ï൱´óµÄÍþв£¬Ò»µ«±»ÀûÓûº³åÇøÒç³ö©¶´£¬ ¾Í¿ÉÒÔ¿ØÖÆÕû¸öϵͳ¡£ÏÖÔڵķþÎñÆ÷Éè¼Æͨ³£ÒÔrootÆô¶¯£¬È»ºó½ø³Ì·ÅÆúrootȨÏÞ£¬¸ÄΪij¸öµÍ¼¶µÄÕʺÅÔËÐС£ÕâÖÖ·½Ê½ÏÔÈ»»á½µµÍ¶ÔϵͳµÄΣº¦£¬µ«¹¥»÷ Õß»¹ÊÇ»áÑ°ÕÒ©¶´ÌáÉýȨÏÞ£¬¼´Ê¹ÎÞ·¨»ñµÃrootȨÏÞ£¬Ò²¿ÉÒÔɾ³ýÎļþ£¬Í¿¸ÄÖ÷Ò³µÈΪÁ˽øÒ»²½Ìá¸ßϵͳ°²È«ÐÔ£¬linuxÄÚºËÒýÈëchroot»úÖÆ£¬chrootÊÇÄÚºËÖеÄÒ»¸öϵͳµ÷Óã¬Èí¼þ¿ÉÒÔͨ¹ýµ÷Óú¯Êý¿âµÄchrootº¯ Êý£¬À´¸ü¸Äij¸ö½ø³ÌËùÄܼûµ½µÄ¸úĿ¼£¬±ÈÈ磬apacheÈí¼þ°²×°ÔÚ/usr/local/httpdĿ¼£¬ÒÔrootÆô¶¯apache,Õâ¸örootȨ Ï޵ĸ¸½ø³Ì»áÅÉÉúÊý¸öÒÔnobodyȨÏÞÔËÐеÄ×Ó½ø³Ì£¬¸¸½ø³Ì¼àÌý80¶Ë¿Ú£¬È»ºó½»¸øij¸ö×Ó½ø³Ì´¦Àí£¬Õâʱºò×Ó½ø³ÌËù´¦µÄĿ¼Ðø³Ð¸¸½ø³Ì£¬¼´/usr /local/httpdĿ¼£¬µ«ÊÇÒ»µ«Ä¿Â¼È¨ÏÞÉ趨´íÎ󣬱»¹¥»÷µÄapache×Ó½ø³Ì¿ÉÒÔ·ÃÎÊ/usr/local , /usr ,/tmpÉõÖÁÕû¸öÎļþϵͳ£¬ÒòΪapache½ø³ÌËù´¦µÄ¸úĿ¼ÈÔÈ»ÊÇÕû¸öÎļþϵͳµÄ¸úĿ¼£¬Èç¹û¿ÉÒÔÓÃchroot½«apacheÏÞÖÆÔÚ/usr /local/httpd/Ï£¬ÄÇôapacheËù´æÈ¡µÄÎļþ¶¼±»ÏÞÖÆÔÚ/usr/local/httpdÏ£¬´´½¨chroot¼àÀεÄ×÷ÓþÍÊǽ«½ø³ÌȨÏÞ ÏÞÖÆÔÚÎļþĿ¼Ê÷Ï£¬±£Ö¤°²È«¡£

¡¡¡¡Èç¹û×Ô¼ºÊÖ¶¯apacheµÄ¼àÀΣ¬½«ÊǺܷ³ËöºÍ¸´ÔӵŤ×÷£¬ÐèҪǣ³¶µ½¿âÎļþ£¬ÕâÀï¿ÉÒÔʹÓÃjail°üÀ´¼ò»¯¼àÀεÄʵÏÖjailµÄ¹Ù·½ÍøվΪ£º http://www.jmcresearch.comÓÐÐËȤ¿ÉÒÔ¹ä¹äÕâÀïÒ²²»Ð´³ö¾ßÌåµÄ´´½¨¹ý³ÌÉÔ΢Âé·³£¬Èç¹û¶Ô°²È«ÓÐÐèÒªµÄ»°£¬Çë»ØÌû£¬»á¼°Ê±²¹ÉÏ

¡¡¡¡¾Å£ºapache·þÎñÆ÷·À·¶Dosapache·þÎñ¾­³£»áÅöµ½Dos¹¥»÷£¬·À·¶µÄÖ÷ÒªÊÖ¶ÎÊÇͨ¹ýÈí¼þ£¬apahce Dos Evasive Maneuvers ModuleÀ´ÊµÏֵģ¬ËüÊÇÒ»¿îmod_accessµÄ´úÌæÈí¼þ£¬¿ÉÒÔ¶Ô¿¹DoS¹¥»÷£¬¸ÃÈí¼þ¿ÉÒÔ¿ìËپܾøÀ´×ÔÏàͬµØÖ·¶ÔͬһURLµÄÖظ´ÇëÇó£¬Í¨¹ý²éѯÄÚ²¿Ò»ÕŸ÷×Ó½ø³ÌµÄ¹þÏ£±íÀ´ÊµÏÖ¿ÉÒÔµ½ÍøÖ·£ºhttp://online/.securityfocus.com/tools/ ÉÏÏÂÔØÈí¼þÊ®£º¼õÉÙCGIºÍSSI·çÏÕCGI½Å±¾µÄ©¶´ÒѾ­³ÉΪWEB·þÎñÆ÷µÄÊ×Òª°²È«Òþ»¼£¬Í¨³£ÊdzÌÐò±àдCGI½Å±¾²úÉúÁËÐí¶à©¶´£¬¿ØÖÆCGIµÄ©¶´³ýÁËÔÚ±àдʱºò×¢Òâ¶ÔÊäÈëÊý¾Ý µÄºÏ·¨¼ì²é£¬¶Ôϵͳµ÷ÓõĽ÷É÷ʹÓõÈÒòËØÍ⣬Ê×ÏÈʹÓÃCGI³ÌÐòËùÓÐÕßµÄIDÀ´ÔËÐÐÕâЩ³ÌÐò£¬¼´Ê¹±»Â©¶´Î£º¦Ò²½öÏÞÓÚ¸ÃIDÄÜ·ÃÎʵÄÎļþ£¬²»»á¶ÔÕû¸öϵͳ ´øÀ´ÖÂÃüµÄΣº¦£¬Òò´ËÐèÒª½÷É÷ʹÓÃCGI³ÌÐò¡£

¡¡¡¡1.3°æµÄapache¼¯³ÉÁËsuEXEC³ÌÐò£¬¿ÉÒÔΪapacheÌṩCGI³ÌÐòµÄ¿ØÖÆÖ§³Ö£¬¿ÉÒÔ°ÑsuEXEC¿´×öÒ»¸ö°ü×°Æ÷£¬ÔÚApache½Óµ½CGI³ÌÐòµÄµ÷ÓÃÇëÇóºó£¬°ÑÕâ¸öÇëÇ󽻸øsuEXECÀ´¸ºÔðÍê³É¾ßÌåµ÷Ó㬲¢´ÓsuEXEC·µ»Ø½á¹û£¬suEXEC¿ÉÒÔ½â¾öһЩ°²È«ÎÊÌ⣬µ«»áÓ°ÏìËÙ¶ÈÈç¹ûÊǶ԰²È«ÐÔÒªÇóºÜ¸ßʱºò£¬½¨ÒéʹÓÃsuEXEC£¬´ËÍ⻹ÓÐÒ»¸öÈí¼þCGIWrap£¬ËüµÄ°²È«ÐÔÒª¸ßÓësuEXEC¼õÉÙSSI½Å±¾·çÏÕ£¬Èç¹ûÓÃexecµÈSSIÃüÁîÔËÐÐÍⲿ³ÌÐò£¬Ò²»á´æÔÚÀàËÆCGI½Å±¾·çÏÕ£¬³ýÁËÄÚ²¿µ÷ÊÔ³ÌÐòʱ£¬Ó¦Ê¹ÓÃoptionÃüÁî½ûÖ¹ÆäʹÓãº

¡¡¡¡Option IncludesNOEXECʮһ£ºÊ¹ÓÃssl¼Ó¹ÌApacheʹÓþßÓÐSSL¹¦ÄܵķþÎñÆ÷£¬¿ÉÒÔÌá¸ßÍøÕ¾Ãô¸ÐÒ³µÄ°²È«ÐÔÄÜ£¬SSL¹¤×÷ÓëTCP/IPЭÒéºÍHTTPЭÒéÖ®¼äSSL¿ÉÒÔ¼ÓÃÜ»¥ÁªÍøÉÏ´«µÝµÄÊý¾ÝÁ÷£¬ÌṩÉí·ÝÑéÖ¤£¬ÔÚÏß¹ºÎï¶ø²»±Øµ£ÐıðÈËÇÔÈ¡ÐÅÓÿ¨ÐÅÏ¢£¬ÔÚ»ùÓÚµç×ÓÉÌÎñºÍ»ùÓÚwebÓʼþµÄµØ·½·Ç³£ÖØÒª¡£

    • ÆÀÂÛ
    • ·ÖÏí΢²©
    • ·ÖÏíÓʼþ