Chapter structure
Apache web page optimization
● web page compression
● web cache
Apache security optimization
● hide version information
● configure anti-leech
Apache web optimization
Overview of Apache Webpage Optimization 2-1
■In an enterprise, only the default configuration parameters are used after Apache is deployed, which will
cause many problems for the website. In other words, the default configuration is for the previous low
server configuration, and the previous configuration is no longer suitable for the current Internet era
. Need to consider how to improve the performance
and stability of Apache, this is the content of Apache optimization
Overview of Apache webpage optimization 2-2
■ Optimize content
● Configure web page compression function
● Configure web cache
● Work mode selection and parameter optimization
● Configure hidden version number
● Configure anti-theft chain.
Introduction to gzip
■Configure Apache's web page compression function, which uses gzip compression algorithm to compress
the web page content before transmitting it to the client browser.
■Function
● Reduces the number of bytes transmitted on the network and accelerates the speed of page loading
●Saves traffic and improves users Browsing experience
●gzip has a better relationship with search engine crawling tools
Apache compression module
Apache Compression Module 2-1
■The functional modules that Apache implements web page compression include
●mod gzip module
● mod_deflate module
■Apache 1.x
●There is no built-in web compression technology, but third-party mod gzip module can be used to perform
compression.
■Apache 2.x
●Under development At that time, the module
mod_ deflate was built in instead of mod _gzip
Apache compression module 2-2
■mod_ gzip module and mod_ deflate module
●Both use gzip compression algorithm, the operation principle is similar
●mod_ deflate compression speed is slightly faster, while the compression ratio of mod gzip is slightly higher
mod_ gzip takes a higher CPU usage on the server
●High traffic server, using the MOD the deflate likely than the MOD _gzip plus
faster upload speeds
■ enabled web page compression step
Configure web page compression function 4-2
■Check whether the mod_ deflate module is installed
●Execute the apachectl -t -D DUMP_ MODULES command
●If there is no deflate_module (static) in the output, it means that the
mod_ deflate module is not installed when compiling.
■If it is not installed, recompile and install it
●./ configure --enable-deflate...
●make && make install
Configure web page compression function 4-3
■ open configuration in the httpd.conf configuration gzip function
● AddOutputFilterByType DEFLATE text / HTML text / Plain
text / CSS text / XM) textjavascript)
set after what kind of content
is compressed with gzip
● DeflateCompressionL Evel
compression level
● SetOutputFilter DEFLATE
after use deflate
MUN gzip-compresses an output of this site
Configure web page compression function 4-4
■Restart the Apache service, and then use the Firefox browser to visit the test site.
■Select "View Elements" in the browser, and you can see "Accept-
Encoding: gzip" indicating that the compression has taken effect
Configure the cache time of web pages
Configure the cache time of web pages 5-1
■Configure Apache through the mod_ expire module, so that web pages can be
cached in the client browser for a period of time to avoid repeated requests.
■When mod_ expire module is enabled,
the Expires tag and Cache-Control tag in the page header information will be automatically generated to reduce customer
access frequency and the number of terminals, to reduce unnecessary traffic and increase access speed purposes
Configure the cache time of web pages 5-2
Steps to enable web caching
Configure the cache time of web pages 5-3
■Check whether the mod_ expire module is installed
●/usr/local/apache/bin/apachectl -t -D DUMP_ MODULES
●If there is no expires_ module (static) in the output, it means that
mod_ expires
is not installed when compiling ■If it is not installed, Need to recompile and install
●./configure --enable-expires...
in
●make && make install
Configure Apache to hide version information 2-1
■The version information of Apache reveals certain vulnerability information, which
brings security risks to the website.
■Hidden version information of Apache must be configured in the production environment
Configure Apache to realize anti-leech 7-1
■Anti-hotlinking is to prevent others' website code from embezzling
pictures, files, videos and other related resources on our own server .
■If others embezzle these static resources of the website, it will obviously increase
the bandwidth pressure of the server .
■As a website Maintenance personnel, to prevent the static resources of the server from being
embezzled by other websites
Configure Apache to realize anti-leech 7-7
■Configuration operation demonstration
●Modify the configuration file to enable the anti-theft chain function and set rules
◆RewriteEngine On
◆RewriteCond %{HTTP_ REFERER} !^http://kxr.com/. $ [NC]
◆RewriteCond %{HTTP_ REFERER} !http: //kxr.com$ [NC]
◆RewriteCond %{HTTP_ REFERER} !^http://www.kxr.com/. $ [NC]
◆RewriteCond %{HTTP_ REFERER} !^http://www.kxr. com/$ [NC]
◆RewriteRule .*.(gifljpg|swf)$ http://www.kxr.com/error.png