PHP Advanced and Object-Oriented Programming
Larry Ullman
The standard solution in these situations is to use the Apache Web server’s mod_rewrite module to allow for “prettier” URLs. mod_rewrite is a tool that lets you instruct the server that when the user goes to one URL, the server should provide another resource. mod_rewrite makes use of regular expressions, so the matching pattern and resulting actual URL can be as complex as needed.
These, and other changes to Apache’s behavior, can be made in two ways: by editing the primary Apache configuration file or by creating directory-specific files. The primary configuration file is httpd.conf, found within a conf directory, and it dictates how the entire Apache Web server runs (where the httpd.conf file is on your system will depend on many things). An .htaccess
file (pronounced “H-T access”) is placed within a Web directory and is used to affect how Apache behaves within just that folder and subfolders.
Generally speaking, it’s preferable to make changes in the httpd.conf file, since this file needs to be read only by the Web server each time the server is started. Conversely, .htaccess files must be read by the Web server once for every request to which an .htaccess file might apply.
 
 
 

[Sun Jan 07 20:42:16.394102 2018] [rewrite:error] [pid 188:tid 2172] [client 192.168.2.102:51806] AH00670: Options FollowSymLinks and SymLinksIfOwnerMatch are both off, so the RewriteRule directive is also forbidden due to its similar ability to circumvent directory restrictions : C:/phpStudy/PHPTutorial/WWW/fastdatav/
[Sun Jan 07 20:52:22.419296 2018] [rewrite:error] [pid 188:tid 2172] [client 192.168.2.102:52530] AH00670: Options FollowSymLinks and SymLinksIfOwnerMatch are both off, so the RewriteRule directive is also forbidden due to its similar ability to circumvent directory restrictions : C:/phpStudy/PHPTutorial/WWW/fastdatav/

<IfModule dir_module>
    DirectoryIndex index.html index.php index.htm l.php
</IfModule>


#
# Deny access to the entirety of your server's filesystem. You must
# explicitly permit access to web content directories in other 
# <Directory> blocks below.
#
DocumentRoot  "C:\phpStudy\PHPTutorial\WWW"
<Directory />
    Options +Indexes +FollowSymLinks +ExecCGI
    AllowOverride All
    Order allow,deny
    Allow from all
    Require all granted
</Directory>
+Indexes 表示允许对目录文件生成列表
#
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
#

#
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
#

#
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
#
<IfModule dir_module>
    DirectoryIndex index.html index.php index.htm l.php
</IfModule>
按照顺序,有index.php l.php同时有时,执行index.php  

#
# The following lines prevent .htaccess and .htpasswd files from being 
# viewed by Web clients. 
#
<Files ".ht*">
    Require all denied
</Files>


http://192.168.2.102/.htmy
You don't have permission to access /.htmy on this server.

http://192.168.2.102/.mytxt
显示.mytxt文本内容




#
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here.  If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
日志位置
#ErrorLog "logs/error.log"
#ErrorLog "|bin/rotatelogs.exe -l logs/error-%Y-%m-%d.log 2M"

#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
日志记录级别
LogLevel debug

<IfModule log_config_module>
    #
    # The following directives define some format nicknames for use with
    # a CustomLog directive (see below).
    #

日志记录格式 

    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common

    <IfModule logio_module>
      # You need to enable mod_logio.c to use %I and %O
      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    </IfModule>

    #
    # The location and format of the access logfile (Common Logfile Format).
    # If you do not define any access logfiles within a <VirtualHost>
    # container, they will be logged here.  Contrariwise, if you *do*
    # define per-<VirtualHost> access logfiles, transactions will be
    # logged therein and *not* in this file.
    #
    ##CustomLog "logs/access.log" common

    #
    # If you prefer a logfile with access, agent, and referer information
    # (Combined Logfile Format) you can use the following directive.
    #
    #CustomLog "logs/access.log" combined
</IfModule>




Apache的Order Allow,Deny 详解


Allow和Deny可以用于apache的conf文件或者.htaccess文件中(配合Directory, Location, Files等),用来控制目录和文件的访问授权。






所以,最常用的是:
Order Deny,Allow
Allow from All


注意“Deny,Allow”中间只有一个逗号,也只能有一个逗号,有空格都会出错;单词的大小写不限。上面设定的含义是先设定“先检查禁止设定,没有禁止的全部允许”,而第二句没有Deny,也就是没有禁止访问的设定,直接就是允许所有访问了。这个主要是用来确保或者覆盖上级目录的设置,开放所有内容的访问权。


按照上面的解释,下面的设定是无条件禁止访问:
Order Allow,Deny
Deny from All


如果要禁止部分内容的访问,其他的全部开放:
Order Deny,Allow
Deny from ip1 ip2
或者
Order Allow,Deny
Allow from all
Deny from ip1 ip2


apache会按照order决定最后使用哪一条规则,比如上面的第二种方式,虽然第二句allow允许了访问,但由于在order中allow不是最后规则,因此还需要看有没有deny规则,于是到了第三句,符合ip1和ip2的访问就被禁止了。注意,order决定的“最后”规则非常重要,下面是两个错误的例子和改正方式:


Order Deny,Allow
Allow from all
Deny from domain.org
错误:想禁止来自domain.org的访问,但是deny不是最后规则,apache在处理到第二句allow的时候就已经匹配成功,根本就不会去看第三句。
解决方法:Order Allow,Deny,后面两句不动,即可。


Order Allow,Deny
Allow from ip1
Deny from all
错误:想只允许来自ip1的访问,但是,虽然第二句中设定了allow规则,由于order中deny在后,所以会以第三句deny为准,而第三句的范围中又明显包含了ip1(all include ip1),所以所有的访问都被禁止了。
解决方法一:直接去掉第三句。
解决方法二:
Order Deny,Allow
Deny from all
Allow from ip1


下面是测试过的例子:
--------------------------------
Order deny,allow
allow from all
deny from 219.204.253.8
#全部都可以通行
-------------------------------
Order deny,allow
deny from 219.204.253.8
allow from all
#全部都可以通行
-------------------------------
Order allow,deny
deny from 219.204.253.8
allow from all
#只有219.204.253.8不能通行
-------------------------------
Order allow,deny
allow from all
deny from 219.204.253.8
#只有219.204.253.8不能通行
-------------------------------
-------------------------------
Order allow,deny
deny from all
allow from 219.204.253.8
#全部都不能通行 
-------------------------------
Order allow,deny
allow from 219.204.253.8
deny from all
#全部都不能通行






 


 


 


 


 


在根目录加入


.htaccess文件




Options +FollowSymLinks





 








												


											
httpd.conf    .htaccess  apache  服务器配置的更多相关文章
	

    
								
  1. Php和httpd.conf的配置
		
    http://www.cnblogs.com/homezzm/archive/2012/08/01/2618062.html http://book.51cto.com/art/201309/4096 ...
    
		
    2. 
						
  2. Apache 的 httpd.conf 注释
		
    ServerRoot “/usr/local“ ServerRoot用于指定守护进程httpd的运行目录,httpd在启动之后将自动将进程的当前目录改变为这个目录,因此如果设置文件中指定的文件或目录是 ...
    
		
    3. 
						
  3. Apache httpd.conf配置文件 2(Main server configuration)
		
    ### Section 2: 'Main' server configuration # # The directives in this section set up the values used ...
    
		
    4. 
						
  4. Apache主配置文件httpd.conf 详解
		
    Apache的主配置文件:/etc/httpd/conf/httpd.conf 默认站点主目录:/var/www/html/ Apache服务器的配置信息全部存储在主配置文件/etc/httpd/co ...
    
		
    5. 
						
  5. 关于apache  httpd.conf脚本的理解
		
    新人一枚,这两天一直在研究lamp的搭建,感觉自己对apache理解的不够深彻,决定写这一篇(翻译)httpd.conf文件 未完待续 cat /usr/local/apache/conf/httpd ...
    
		
    6. 
						
  6. Apache 的 httpd.conf 详解
		
    ServerRoot “/usr/local“ ServerRoot用于指定守护进程httpd的运行目录,httpd在启动之后将自动将进程的当前目录改变为这个目录,因此如果设置文件中指定的文件或目录是 ...
    
		
    7. 
						
  7. Apache配置文件httpd.conf内容翻译
		
      本文已经废弃,现在apache2不依靠httpd.conf来配置. Ubuntu下默认的配置文件是/etc/apache2/sites-available/default 可以修改上面文件来修改a ...
    
		
    8. 
						
  8. linux上安装apache以及httpd.conf基本配置
		
    1.yum安装apache #yum install httpd -y 2.随系统自启动 #chkconfig httpd on 3.开启apache #service httpd start PS: ...
    
		
    9. 
						
  9. Apache的配置httpd.conf文件配置
		
    (1) 基本配置: ServerRoot "/mnt/software/apache2" #你的apache软件安装的位置.其它指定的目录如果没有指定绝对路径,则目录是相对于该目录 ...
    
		
    10. 
		

	


随机推荐
	

    
									
  1. [转]PHP判断字符串是纯英文、纯汉字或汉英混合(GBK)
			
    PHP判断字符串是否为中文(或英文)的方法,除了正则表达式判断和拆分字符判断字符的值是否小于128 外还有一种比较特别的方法. 使用php中的mb_strlen和strlen函数判断 方法比较简单:分 ...
    
			
    2. 
						
  2. 安装centos6.5
			
    我是在虚拟机上面安装的centos6.5,本机的系统是windows 2008 datacenter. 到这个地方下载镜像文件:http://mirrors.sohu.com/centos/6.5/i ...
    
			
    3. 
						
  3. 浅谈PostgreSQL的索引
			
    1. 索引的特性 1.1 加快条件的检索的特性 当表数据量越来越大时查询速度会下降,在表的条件字段上使用索引,快速定位到可能满足条件的记录,不需要遍历所有记录. create table t(id i ...
    
			
    4. 
						
  4. 高并发应对:淘宝CDN缓存服务器部署探秘
			
    转自:http://server.chinabyte.com/6/12663506.shtml “好,时间到,开抢!”坐在电脑前早已等待多时的宋兰(化名)一看时间已到2011年11月11日零时,便迫不 ...
    
			
    5. 
						
  5. LINUX网络之ifconfig命令与ping
			
    ifconfig命令 网络配置 ifconfig命令被用于配置和显示Linux内核中网络接口的网络参数.用ifconfig命令配置的网卡信息,在网卡重启后机器重启后,配置就不存在.要想将上述的配置信息 ...
    
			
    6. 
						
  6. matplotlib包画基本的图
			
    画直线图 1.最简单的用法: import matplotlib.pyplot as plt import numpy as np x=np.linspace(-3,3,50) #在(-1,1)范围内 ...
    
			
    7. 
						
  7. WP8.1学习系列(第十章)——中心控件Hub设计指南
			
    Windows Phone 应用商店应用中的中心控件指南   在本文中 说明 示例 用法指南 设计指南 相关主题 重要的 API Hub (XAML) HubSection (XAML) 说明 中心控 ...
    
			
    8. 
						
  8. Esper学习之三:进程模型
			
    之前对Esper所能处理的事件结构进行了概述,并结合了例子进行讲解,不清楚的同学请看Esper学习之二:事件类型.今天主要为大家解释一下Esper是怎么处理事件的,即Esper的进程模型. 1.Upd ...
    
			
    9. 
						
  9. 【Spring源码分析系列】启动component-scan类扫描加载过程
			
    原文地址:http://blog.csdn.net/xieyuooo/article/details/9089441/ 在spring 3.0以上大家都一般会配置一个Servelet,如下所示: &l ...
    
			
    10. 
						
  10. 【WEB前端开发最佳实践系列】JavaScript篇
			
    一.养成良好的编码习惯,提高可维护性 1.避免定义全局变量和函数,解决全局变量而导致的代码“污染”最简单的额方法就是把变量和方法封装在一个变量对象上,使其变成对象的属性: var myCurrentA ...
    
			
    11.