Apache web page optimization (web page compression, web page caching, hidden version information, Apache anti-theft chain)

Preface

In enterprises, only the default configuration parameters are used after Apache is deployed, which will cause many problems for the website. In other words, the default configuration is for the previous low server configuration. With the development of the Internet era, the previous default configuration is no longer applicable to the present. .

---

1. Web page compression

①Check whether the mod_deflate module is installed

apachectl -t -D DUMP_MODULES | grep "deflate"

②If the mod_deflate module is not installed, recompile and install Apache to add the mod_deflate module

systemctl stop httpd.service              #停止httpd服务
cd /usr/local/httpd/conf/
mv httpd.conf httpd.conf.bak              #备份配置文件

yum -y install gcc gcc-c++ pcre pcre-devel zlib-devel     #安装依赖包

cd /opt/httpd-2.4.29/                          
./configure \
--prefix=/usr/local/httpd \
--enable-so \
--enable-rewrite \
--enable-charset-lite \
--enable-cgi \
--enable-deflate                   #加入mod_deflate模块

make -j 4 && make install          #编译安装

③Configure mod_deflate module to enable

vim /usr/local/httpd/conf/httpd.conf

Listen 192.168.153.10                                 #52行，修改IP地址
LoadModule deflate_module modules/mod_deflate.so      #105行，取消注释，开启 mod_deflate 模块
ServerName www.muzi.com:80                            #199行，取消注释，修改域名

--末行添加--
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html text/plain text/css text/xml text/javascript text/jpg text/png
DeflateCompressionLevel 9       
SetOutputFilter DEFLATE          
</IfModule>

AddOutputFilterByType DEFLATE text/html text/plain text/css text/xml text/javascript text/jpg text/png
#代表对哪些内容启用gzip压缩
DeflateCompressionLevel 9        #代表压缩级别，范围为1~9
SetOutputFilter DEFLATE          #代表启用deflate模块对本站点的输出进行gzip压缩

④Check the installation and start the service

apachectl -t    或者    httpd -t                   #验证配置文件的配置是否正确
apachectl -t -D DUMP_MODULES | grep "deflate"     #检查 mod_deflate 模块是否以安装
deflate_module (shared)                           #已安装的正确结果
   
systemctl start httpd.service

⑤Test whether mod_deflate compression takes effect

cd /usr/local/httpd/htdocs
先将music.jpg文件传到/usr/local/httpd/htdocs目录下

vim index.html
<html><body><hl>I opened my eyes last night and saw you in the low light.
Walking down by the bay, on the shore,staring up at the planes that aren't there anymore
I was feeling the night grow old and you were looking so cold
Like an introvert, I drew my over shirt.Around my arms and began to shiver violently before
You happened to look and see the tunnels all around me.Running into the dark underground</hl>
<img src="music.jpg"/>
</body></html>

• Method 1
  In the Linux system, open the Firefox browser, right-click and click to view the element.
  Select Network —> select HTML, WS, and other
  access http://192.168.153.10, double-click the 200 response message to see that the response header contains Content-Encoding: " gzip"

• Method 2
  Install Microsoft, NET4 and fiddler software in the Windows system in turn, open the fiddler software,
  select inspectors —> select the Headers
  browser to visit http://192.168.153.10, double-click the 200 response message to view the Content-Encoding: "gzip"

2. Web page caching

①Check whether the mod_expires module is installed

apachectl -t -D DUMP_MODULES | grep "expires"

②If the mod_expires module is not installed, recompile and install Apache to add the mod_expires module

systemctl stop httpd.service
cd /usr/local/httpd/conf/
mv httpd.conf httpd.conf.bak1

yum -y install gcc gcc-c++ pcre pcre-devel zlib-devel
cd /opt/httpd-2.4.29/
./configure \
--prefix=/usr/local/httpd \
--enable-so \
--enable-rewrite \
--enable-charset-lite \
--enable-cgi \
--enable-deflate \
--enable-expires              #加入mod_expires模块

make -j 4 && make install

③Configure mod_expires module to enable

vim /usr/local/httpd/conf/httpd.conf

Listen 1192.168.153.10:80                            #修改52行
LoadModule expires_module modules/mod_expires.so     #111行，取消注释，开启 mod_expires 模块
ServerName www.wt.com:80                             #199行，取消注释，修改

--末行添加--
<IfModule mod_expires.c>
  ExpiresActive On                                #打开网页缓存功能
  ExpiresDefault "access plus 60 seconds"         #设置缓存60秒
</IfModule>

④Check the installation and start the service

apachectl -t   或者  httpd -t                      #验证配置文件的配置是否正确
apachectl -t -D DUMP_MODULES | grep "expires"     #检查 mod_expires 模块是否以安装
expires_module (shared)                           #已安装的正确结果

systemctl start httpd.service

⑤Test whether the cache is effective

cat /usr/local/httpd/htdocs/index.html

• Method 1
  In the Linux system, open the Firefox browser, right-click and click to view the elements.
  Select Network —> Select HTML, WS, Others.
  Visit http://192.168.153.10, and double-click the 200 response message to view the Expires item in the response header

• Method 2
  Install Microsoft, NET4 and fiddler software in the Windows system in turn, open the fiddler software,
  select inspectors —> select the Headers
  browser to visit http://192.168.153.10, double-click the 200 response message to view the Expires item

Third, hide version information

vim /usr/local/httpd/conf/httpd.conf

Include conf/extra/httpd-default.conf          #491行,取消注释

vim /usr/local/httpd/conf/extra/httpd-default.conf

ServerTokens Prod      #55行，将原本的Full改为Prod，只显示名称，没有版本
                       #ServerTokens表示Server回送给客户端的响应头域是否包含关于服务器os 类型和编译过的模块描述信息。

systemctl restart httpd.service

浏览器访问 http://192.168.153.10， 双击200响应消息查看 Server 项

Four, Apache anti-leech

①Check whether the mod_rewrite module is installed

apachectl -t -D DUMP_MODULES | grep "rewrite"

②If the mod_rewrite module is not installed, recompile and install Apache to add the mod_rewrite module

systemctl stop httpd.service
cd /usr/local/httpd/conf
mv httpd.conf httpd.conf.bak2

yum -y install gcc gcc-c++ pcre pcre-devel zlib-devel
cd /opt/httpd-2.4.29/
./configure \
--prefix=/usr/local/httpd \
--enable-so \
--enable-rewrite \             #加入mod_rewrite模块
--enable-charset-lite \
--enable-cgi \
--enable-deflate \
--enable-expires

make && make install

④Enable mod_rewrite module

vim /usr/ local/httpd/conf/httpd .conf

LoadModule rewrite_module modules/mod_rewrite.so         #157行，取消注释

<Directory "/usr/local/httpd/htdocs">                    #224行
options Indexes FollowSymLinks
AllowOverride None
Require all granted

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://wt.com/.*$ [NC]          #打开rewrite功能，加入mode_rewrite模块内容
RewriteCond %{HTTP_REFERER} !^http://wt.com$ [NC]             #设置匹配规则
RewriteCond %{HTTP_REFERER} !^http://www.wt.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.wt.com/$ [NC]
RewriteRule .*\.(gif|jpg|swf)$ http://www.wt.com/error.jpg     #设置跳转动作
</Directory>

解释：
RewriteCond %{HTTP_REFERER} !^http://www.muzi.com/.*$ [NC] 的字段含义:
“%{HTTP_REFERER}”：存放一个链接的URL，表示从哪个链接访问所需的网页。
“!^”：表示不以后面的字符串开头。
“http://www.wt.com” ：是本网站的路径，按整个字符串匹配。
“.*$”:表示以任意字符结尾。
“[NC]”:表示不区分大小写字母。

⑤Web page preparation

Web源主机配置:
cd /usr/local/httpd/htdocs
将music.jpg、error.png文件传到/usr/local/httpd/htdocs目录下

vim index.html

<html><body><h1>this is wt.com!</h1>
<img src="game.jpg"/>                        " "内为图片文件名
</body></html>

echo "192.168.199.10 www.wt.com" >> letc/hosts
echo "192.168.199.20 www.abc.com" >>/etc/hosts

盗链网站主机:
cd /usr/local/httpd/htdoes        #yum安装的httpd服务的默认路径为/var/www/html/
vim index.html
<html><body><hl>this is abc.com!</h1>
<img src="http://www.wt.com/music.jpg"/>          #" "内为图片地址
</body></html>

echo "192.168.153.10 www.wt.com" >> letc/hosts
echo "192.168.153.12 www.abc.com" >>/etc/hosts

⑥Browser verification on the host of the Pitotran site

http://www.abc.com