Apache web optimization
Article Directory
- Apache web optimization
-
- 1. Overview of Apache webpage optimization
- 2. Web page compression configuration
-
- 1. First turn off the firewall and selinux firewall
- 2. Check if the mod_ deflate module is installed
- 3. Remove or rename the previous Apache configuration file
- 4. If the mod_deflate module is not installed, recompile and install Apache to add the mod_deflate module
- 5. Configure mod_deflate module to enable
- 6. Check the installation and start the service
- 7. Test whether the compression module is effective (two methods to verify)
- Three, web page caching
- Four, hide version information
- Five, Apache anti-leech
-
- 1. The process of hotlinking
- 2. Configure anti-theft chain
-
- 1) Check whether the mod_rewrite module is installed (the above experiment of the rewrite function is directly skipped)
- 2) If the mod_rewrite module is not installed, recompile and install Apache to add the mod_rewrite module
- 3) Enable mod_rewrite module
- 4) Access verification on the virtual machine side
- Detailed explanation about Rewrite field configuration:
1. Overview of Apache webpage optimization
In an enterprise, only the default configuration parameters are used after Apache is deployed, which will cause many problems for the website. In other words, the default configuration is for the previously low server configuration. The previous configuration is no longer applicable in the current Internet era.
In order to adapt to the needs of enterprises, you need to consider How to improve the performance and stability of Apache, this is the content of Apache optimization
1. Optimize content
- Configure web page compression
- Configure web cache
- Selection of working mode and parameter optimization
- Configure hidden version number
- Configure anti-leech
...
2.gzip introduction
Configure Apache's web page compression function, which uses the gzip compression algorithm to compress the web page content before transmitting it to the client browser
- effect:
Reduces the number of bytes transmitted over the network, speeds up the loading of web pages,
saves traffic, and improves the user’s browsing experience.
gzip has a better relationship with search engine crawling tools.
3. Apache's compression module
1) Apache's functional modules for web page compression include
mod_ gzip module
mod_ deflate module
2)Apache 1.x
There is no built-in web page compression technology, but the third-party mod_ gzip module can be used to perform compression
3)Apache 2.x
During development, the module mod_deflate is built in instead of mod_ gzip
4.mod_gzip module and mod_deflate module
- Both use the gzip compression algorithm and the principle of operation is similar
- mod_deflate compression speed is slightly faster, while mod_gzip compression ratio is slightly higher
- mod_gzip occupies a higher CPU on the server
- For high-traffic servers, using mod_deflate may load faster than mod_ gzip
5. Configure the cache time of web pages
Configure Apache through the mod_ expire module to enable web pages to be cached in the client browser for a period of time to avoid repeated requests.
After the mod_ expire module is enabled, the Expires tag and Cache-Control tag in the page header information will be automatically generated, thereby reducing the client’s Frequency and number of visits to achieve the purpose of reducing unnecessary traffic and increasing access speed
2. Web page compression configuration
Experimental purpose
Configure the webpage to enable the webpage compression function
1. First turn off the firewall and selinux firewall
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
2. Check if the mod_ deflate module is installed
Nothing will be displayed if it is not installed
apachectl -t -D DUMP_MODULES | grep "deflate"
3. Remove or rename the previous Apache configuration file
cd /usr/local/httpd/conf
ls
mv httpd.conf httpd.conf.bak1
4. If the mod_deflate module is not installed, recompile and install Apache to add the mod_deflate module
#重新编译安装需要先将服务关闭
systemctl stop httpd.service
#使用该命令查看是否关闭成功
systemctl status httpd.service
yum -y install gcc gcc-c++ pcre pcre-devel zlib-devel
cd /opt/httpd-2.4.29/
./configure \
--prefix=/usr/local/httpd \
--enable-so \
--enable-rewrite \
--enable-charset-lite \
--enable-cgi \
--enable-deflate #加入mod_deflate 模块
make && make install #重新编译安装会生成新的httpd配置文件
5. Configure mod_deflate module to enable
vim /usr/local/httpd/conf/httpd.conf
-------52行修改------------------
Listen 192.168.12.8:80
-------105行取消注释--------------
LoadModule deflate_module modules/mod_deflate.so #开启mod_deflate 模块
-------198行取消注释并修改---------
ServerName www.mhh.com:80
-------末行添加------------------
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html text/plain text/css text/xml text/javascript text/jpg text/png #代表对什么样的内容启用gzip压缩
DeflateCompressionLevel 9 #代表压缩级别,范围为1~9
SetOutputFilter DEFLATE #代表启用deflate 模块对本站点的输出进行gzip压缩
</IfModule>
6. Check the installation and start the service
apachectl -t #验证配置文件的配置是否正确
apachectl -t -D DUMP_MODULES | grep "deflate" #检查 mod_deflate 模块是否已安装
deflate_module (shared) #已安装的正确结果
systemctl start httpd.service
7. Test whether the compression module is effective (two methods to verify)
cd /usr/local/httpd/htdocs
Switch to the directory /usr/local/httpd/htdocs, and drag the picture to xshell
ls View the existing image file and home page file index.html in the directory, and edit the home page file as follows
vim index.html
<meta charset="utf-8">
<html><body><h1>
I am going to live every minute of it.</h1>
<img src="心灵奇旅.png"/>
</body></html>
systemctl restart httpd.service
Method 1:
In the Linux system of the virtual machine, open the Firefox browser, right-click and click to view the element.
Select Network→Reload→Select HTML, WS, Others to
visit http://192.168.2.8, and check that the response header contains Content-Encoding : gzip
enters the virtual machine for verification
Look at the response header and find that it contains a compression module
Method 2:
Install Microsoft.NET4 and fiddler software in the Windows system of the virtual machine in turn, open the fiddler software
win10, only need to install fiddler.exe, and install without mind.
Select inspectors —> select Headers
browser to visit http://192.168.2.8, double-click 200 response message view Content-Encoding: gzip
Open the fiddler4 software
Visit the webpage http://192.168.2.8, if it is not displayed on the left, it is recommended to clear the browser cache and reopen the browser and re-enter the ip to visit again.
Three, web page caching
1. Check if the mod_expires module is installed
apachectl -t -D DUMP_MODULES | grep "expires"
2. If the mod_expires module is not installed, recompile and install Apache to add the mod_expires module
systemctl stop httpd.service
cd /usr/local/httpd/conf
ls
mv httpd.conf httpd.conf.bak2 #把之前做的网页压缩的配置文件改名
yum -y install gcc gcc-c++ pcre pcre-devel zlib-devel
cd /opt/httpd-2.4.29/
./configure \
--prefix=/usr/local/httpd \
--enable-so \
--enable-rewrite \
--enable-charset-lite \
--enable-cgi \
--enable-deflate \
--enable-expires #加入mod_expires 模块
make && make install
3. Configure mod_expires module to enable
vim /usr/local/httpd/conf/httpd.conf
---------52行修改--------
Listen 192.168.2.8:80
-------111行取消注释------
LoadModule expires_module modules/mod_expires.so #开启mod_expires模块
-----198行取消注释,修改------
ServerName www.mhh.com:80
-----末行添加---------
<IfModule mod_expires.c>
ExpiresActive On #打开网页缓存功能
ExpiresDefault "access plus 50 seconds" #设置缓存60秒
</IfModule>
4. Check the installation and start the service
apachectl -t #验证配置文件的配置是否正确
apachectl -t -D DUMP_MODULES | grep "expires" #检查 mod_deflate 模块是否已安装
deflate_module (shared) #已安装的正确结果
systemctl start httpd.service
5. Test whether the cache is effective
cat /usr/local/httpd/htdocs/index.html
Method 1:
In the Linux system, open the Firefox browser, right-click and click to view the elements.
Select Network —> Select HTML, WS, Others.
Visit http://192.168.2.8 and check that the response header contains the Expires item
Method 2:
Install Microsoft.NET4 and fiddler software in the Windows system in turn, open the fiddler software,
select inspectors —> select the Headers
browser to visit http://192.168.2.8, double-click the 200 message to view the Expires item
Four, hide version information
1. Edit the configuration file
vim /usr/local/httpd/conf/httpd.conf
----491行附件取消注释-------
Include conf/extra/httpd-default.conf
vim /usr/local/httpd/conf/extra/httpd-default.conf
-----55行,将原本的 Full 改为 Prod,只显示名称,没有版本-------
ServerTokens Prod
#ServerTokens 表示 Server 回送给客户端的响应头域是否包含关于服务器 OS 类型和编译过的模块描述信息。
systemctl restart httpd.service
2. Visit http://192.168.2.8 on the browser side of the virtual machine
Five, Apache anti-leech
-
Anti-hotlinking is to prevent others' website code from embezzling pictures, files, videos and other related resources on our own server
-
If others embezzle these static resources of the website, it will obviously increase the bandwidth pressure of the server
-
As the maintainer of the website, it is necessary to prevent the static resources of the server from being embezzled by other websites
1. The process of hotlinking
On the server side, copy the image address
Prepare another virtual machine as the hotlink machine (the hotlink machine here is httpd installed with yum, if you compile and install with source code, the main configuration file and the home page file are saved in different locations)
df -Th
yum install -y httpd
vim /etc/httpd/conf/httpd.conf
cd /var/www/html
vim index.html
echo "192.168.2.8 www.mhh.com" >> /etc/hosts
echo "192.168.2.3 www.daolianji.com" >> /etc/hosts
systemctl restart httpd
Finally, the hot chain machine is directly accessed by www.daolianji.com
2. Configure anti-theft chain
1) Check whether the mod_rewrite module is installed (the above experiment of the rewrite function is directly skipped)
apachectl -t -D DUMP_MODULES | grep "rewrite"
2) If the mod_rewrite module is not installed, recompile and install Apache to add the mod_rewrite module
systemctl stop httpd.service
cd /usr/local/httpd/conf
mv httpd.conf httpd.conf.bak2
yum -y install gcc gcc-c++ pcre pcre-devel zlib-devel
cd /opt/httpd-2.4.29
./configure \
--prefix=/usr/local/httpd \
--enable-so \
--enable-rewrite \
--enable-charset-lite \
--enable-cgi \
--enable-deflate \
--enable-expires
make && make install
3) Enable mod_rewrite module
vim /usr/local/httpd/conf/httpd.conf
---------156行取消注释--------
LoadModule rewrite_module modules/mod_rewrite.so
---------224行—————————
<Directory "/usr/local/httpd/htdocs">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
RewriteEngine On #打开 rewrite 功能,加入 mode_rewrite 模块内容
RewriteCond %{HTTP_REFERER} !^http://mhh.com/.*$ [NC] #设置匹配规则
RewriteCond %{HTTP_REFERER} !^http://mhh.com$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.mhh.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.mhh.com/$ [NC]
RewriteRule .*\.(gif|jpg|swf|png)$ http://www.mhh.com/error.jpg #设置跳转动作
Pull the jump picture to the /usr/local/httpd/htdocs directory
systemctl restart httpd.service #重启httpd服务
4) Access verification on the virtual machine side
The domain name access of the hot chain machine automatically redirects
The detailed view is as follows
Access through the server's domain name is normal
Detailed explanation about Rewrite field configuration:
RewriteCond %{HTTP_REFERER} !^http://www.mhh.com/.*$ [NC] 的字段含义:
“%{HTTP_REFERER}” :存放一个链接的 URL,表示从哪个链接访问所需的网页。
“!^” :表示不以后面的字符串开头。
“http://www.mhh.com” :是本网站的路径,按整个字符串匹配。
“.*$” :表示以任意字符结尾。
“[NC]” :表示不区分大小写字母。
RewriteRule .*\.(gif|swf|png)$ http://www.mhh.com/error.jpg 的字段含义:
“.” :表示匹配一个字符。
“*” :表示匹配 0 到多个字符,与“.”合起来的意思是匹配 0 到多次 前面的任意字符,如果是 1 到多次匹配可以用“+”表示。
“\.” :在这里的“\”是转义符,“\.”就代表符号“.”的意思。因为“.”在指令中是属于规则字符,有相应的含义, 如果需要匹配,需要在前面加个转义符“\”,其它规则字符如果需要匹配,也做同样处理。
“(gif|swf|png)” :表示匹配“gif”、“swf”、“png”任意一个,“$”表示结束。最后的规则是以“.gif”、“.swf”、“png”结尾, 前面是1到多个字符的字符串,也就是匹配图片类型的文件。
“http://www.mhh.com/error.jpg” :表示转发到这个路径 。
整个配置的含义是 使用本网站以外的网站域名 访问本站的图片文件时,显示 error.jpg 这个图片。