11月19日任务
11.25 配置防盗链
11.26 访问控制Directory
11.27 访问控制FilesMatch
- 通过限制referer来实现防盗链的功能
- 配置文件增加如下内容
- <Directory /data/wwwroot/www.123.com>
- SetEnvIfNoCase Referer "http://www.123.com" local_ref
- SetEnvIfNoCase Referer "http://123.com" local_ref
- SetEnvIfNoCase Referer "^$" local_ref
- <filesmatch "\.(txt|doc|mp3|zip|rar|jpg|gif)">
- Order Allow,Deny
- Allow from env=local_ref
- </filesmatch>
- </Directory>
- curl -e "http://www.aminglinux.com/123.html" 自定义referer
11.25 配置防盗链
[root@zgxlinux-01 ~]# vim /usr/local/apache2.4.37/conf/extra/httpd-vhosts.conf
[root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/apachectl -t
Syntax OK
[root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/apachectl graceful
#把猿课论坛加入白名单就可以进行访问了。
11.26 访问控制Directory
核心配置文件内容
<Directory /data/wwwroot/www.123.com/admin/>
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Directory>
curl测试状态码为403则被限制访问了
[root@zgxlinux-01 111.com]# curl -x127.0.0.1:80 111.com/admin/index.php
121212
[root@zgxlinux-01 111.com]# curl -x192.168.56.128:80 111.com/admin/index.php
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /admin/index.php
on this server.<br />
</p>
</body></html>
11.27 访问控制FilesMatch
核心配置文件内容
<Directory /data/wwwroot/www.123.com>
<FilesMatch "admin.php(.*)">
Order deny,allow
Deny from all
Allow from 127.0.0.1
</FilesMatch>
</Directory>