Apache靜態元素過期時間和防盜鏈
阿新 • • 發佈:2021-08-07
Apache靜態元素過期時間
瀏覽器訪問網站的圖片時會把靜態的檔案快取在本地電腦裡,這樣下次再訪問時就不用去遠端下載了。
配置了靜態元素過期時間之後會定期清掉檔案快取
要求:第一次訪問靜態檔案狀態碼為200,之後訪問程式碼為304,將檔案快取到了本地上,通過配置靜態元素過期時間實現定期刪除靜態的檔案快取。
配置靜態元素過期時間
1.放開並增加新的模組
vim /usr/local/apache2.4/conf/httpd.conf //主配置檔案 LoadModule expires_module modules/mod_expires.so //放開expires模組 vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf //增加expires模組 <VirtualHost *:80> ServerAdmin [email protected] DocumentRoot "/usr/local/apache2.4/docs/www.111.com" ServerName www.111.com ServerAlias 111.com <IfModule mod_expires.c> ExpiresActive on //開啟該功能的開關 ExpiresByType image/gif "access plus 1 days" ExpiresByType image/jpeg "access plus 24 hours" ExpiresByType image/png "access plus 24 hours" ExpiresByType text/css "now plus 2 hour" ExpiresByType application/x-javascript "now plus 2 hours" ExpiresByType application/javascript "now plus 2 hours" ExpiresByType application/x-shockwave-flash "now plus 2 hours" ExpiresDefault "now plus 0 min" //其他的沒有快取 </IfModule> ErrorLog "logs/www.111.com-error_log" CustomLog "logs/www.111.com-access_log" combined </VirtualHost> /usr/local/apache2.4/bin/apachectl -t /usr/local/apache2.4/bin/apachectl graceful
2.對比配置前後的引數資訊
[root@antong extra]# curl -xlocalhost:80 www.111.com/images/img.jpg -I //配置前 HTTP/1.1 200 OK Date: Sat, 07 Aug 2021 04:17:46 GMT Server: Apache/2.4.33 (Unix) PHP/5.6.30 Last-Modified: Wed, 04 Aug 2021 18:02:13 GMT ETag: "ede7-5c8bf9a161340" Accept-Ranges: bytes Content-Length: 60903 Content-Type: image/jpeg [root@antong extra]# curl -xlocalhost:80 www.111.com/images/img.jpg -I //配置後 HTTP/1.1 200 OK Date: Sat, 07 Aug 2021 04:20:12 GMT Server: Apache/2.4.33 (Unix) PHP/5.6.30 Last-Modified: Wed, 04 Aug 2021 18:02:13 GMT ETag: "ede7-5c8bf9a161340" Accept-Ranges: bytes Content-Length: 60903 Cache-Control: max-age=86400 //過期時間 Expires: Sun, 08 Aug 2021 04:20:12 GMT Content-Type: image/jpeg
Apache防盜鏈
底層原理:通過限制referer來實現防盜鏈的功能
會有黑客佔用別人伺服器的資源顯示它們的東西,會被佔用壓力。
配置防盜鏈
1.在配置檔案新增Referer
vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf //增加expires模組 <VirtualHost *:80> ServerAdmin [email protected] DocumentRoot "/usr/local/apache2.4/docs/www.111.com" ServerName www.111.com ServerAlias 111.com <Directory /usr/local/apache2.4/docs/www.111.com> SetEnvIfNoCase Referer "http://www.111.com" local_ref //設定白名單 SetEnvIfNoCase Referer "http://111.com" local_ref SetEnvIfNoCase Referer "^$" local_ref //空的Referer能夠直接訪問 <filesmatch "\.(txt|doc|mp3|zip|rar|jpg|gif)"> //定義這些檔案不設定白名單 Order Allow,Deny //定義一個順序,先允許或先拒絕。看誰寫在前面 Allow from env=local_ref //允許寫下了前面,允許local_ref訪問 </filesmatch> </Directory> ErrorLog "logs/www.111.com-error_log" CustomLog "logs/www.111.com-access_log" combined </VirtualHost> /usr/local/apache2.4/bin/apachectl -t /usr/local/apache2.4/bin/apachectl graceful
2.curl來檢視配置結果
[root@antong extra]# curl -e "http://www.111.com/123.php" -xlocalhost:80 www.111.com/images/img.jpg -I //因為從白名單跳轉過來的可以訪問
HTTP/1.1 200 OK
Date: Sat, 07 Aug 2021 04:45:50 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.30
Last-Modified: Wed, 04 Aug 2021 18:02:13 GMT
ETag: "ede7-5c8bf9a161340"
Accept-Ranges: bytes
Content-Length: 60903
Content-Type: image/jpeg
[root@antong extra]# curl -e "http://www.douxue.com/123.php" -xlocalhost:80 www.111.com/images/img.jpg -I //因為不是從白名單跳轉過來的不可以訪問
HTTP/1.1 403 Forbidden
Date: Sat, 07 Aug 2021 04:44:14 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.30
Content-Type: text/html; charset=iso-8859-1