企业级Apache详解2

http_conf主配置说明

root@lamp01 apache]# grep -Ev "#|^$" conf/httpd.conf
DocumentRoot "/usr/local/apache/htdocs"           -->服务器的根目录
Listen 80                                         -->监听本机所有IP的80端口
User daemon                                       -->默认用户
Group daemon                                      -->默认属组
</IfModule>
</IfModule>
ServerAdmin you@example.com                       -->管理员邮箱
DocumentRoot "/usr/local/apache/htdocs"           -->默认站点目录
<Directory />                                     -->权限控制，表示根目录拒绝所有连接
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>
<Directory "/usr/local/apache/htdocs">           -->新添加站点时候必须重新配置
    Options Indexes FollowSymLinks               -->允许显示目录结构，不安全
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>
<IfModule dir_module>                             -->网站首页
    DirectoryIndex index.html
</IfModule>
<FilesMatch "^.ht">                              -->文件匹配
    Order allow,deny
    Deny from all
    Satisfy All
</FilesMatch>
ErrorLog "logs/error_log"                         -->错误日志配置
LogLevel warn                                     -->错误日志级别
<IfModule log_config_module>                      -->日志类型
    LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined
    LogFormat "%h %l %u %t "%r" %>s %b" common
    <IfModule logio_module>
      LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i" %I %O" combinedio
    </IfModule>
    CustomLog "logs/access_log" common
</IfModule>
<IfModule alias_module>                           -->支持cgi-bin的配置，以及淘汰的语言
    ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/"
</IfModule>
<IfModule cgid_module>
</IfModule>
<Directory "/usr/local/apache/cgi-bin">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from all
</Directory>
DefaultType text/plain
<IfModule headers_module>
    RequestHeader unset Proxy early
</IfModule>
<IfModule mime_module>
    TypesConfig conf/mime.types
    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz
</IfModule>
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>

Apache结构优化：

    1.不对外展示目录结构       

vim /usr/local/apache/conf/http.conf
            <Directory "/usr/local/apache/htdocs">           #新添加站点时候必须重新配置
                Options -Indexes FollowSymLinks              #注释掉htdocs下的Indexes(添加-) 
                AllowOverride None
                Order allow,deny
                Allow from all
            </Directory>

    2.删除cgi-bin(已经淘汰的)      

 vim /usr/local/apache/conf/http.conf
            #<Directory "/usr/local/apache/cgi-bin">
                #AllowOverride None
                #Options None
                #Order allow,deny
                #Allow from all
            #</Directory>

    3.关闭界面不显示Apache版本号(注释掉即可)       

vim /usr/local/apache/conf/extra/httpd-default.conf 
            #ServerTokens Full
            #ServerSignature On

    4.打印不带图片的日志

隐藏Apache版本信息

1.编译源文件，进行修改
    vim /root/software/httpd-2.2.34/include/ap_release.h 
2.修改默认UNIX
     vim /root/software/httpd-2.2.34/os/unix/os.h 
       define PLATFORM "WIN"        -->修改点