上海平台网站建设公司,一个网站怎样做两个后台,广州h5网站制作公司,网络技术工程师是干什么的Apache2默认采用的是80端口号#xff0c;因此直接通过公网ip或域名就能访问。现实中#xff0c;很多服务器本身就部署了许多其它服务#xff0c;80端口号往往被占用#xff0c;因此就需要将Apache2改成其它访问端口。
修改端口#xff0c;首先需要修改/etc/apache2/ports…Apache2默认采用的是80端口号因此直接通过公网ip或域名就能访问。现实中很多服务器本身就部署了许多其它服务80端口号往往被占用因此就需要将Apache2改成其它访问端口。
修改端口首先需要修改/etc/apache2/ports.conf这个文件 这里吧80改成其它不冲突的端口号我这里以1024为例 #Listen 80 Listen 1024 Listen 443 #VirtualHost *:80 VirtualHost *:1024 # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating 注这个文件中还有一个DocumentRoot修改该参数可以调整文件系统的根路径。
修改完成之后重启apache2
1 /etc/init.d/apache2 restart 此时就可以通过访问域名:1024的形式访问到同样内容例如我的服务器访问url为http://xdxsb.top:1024
设置访问限制 个人服务器很容易遭到别人的攻击如果有人开好多线程来反复请求下载这就将导致流量带宽消耗巨大甚至会让服务器宕机。因此长期提供下载服务的服务器必须设置访问限制。 配置文件参数详解 访问限制主要涉及到/etc/apache2/apache2.conf这个配置文件首先来对该文件进行解读。 这个文件内容如下
This is the main Apache server configuration file. It contains the
configuration directives that give the server its instructions.
See http://httpd.apache.org/docs/2.4/ for detailed information about
the directives and /usr/share/doc/apache2/README.Debian about Debian specific
hints. Summary of how the Apache 2 configuration works in Debian:
The Apache 2 web server configuration in Debian is quite different to
upstream’s suggested way to configure the web server. This is because Debian’s
default Apache2 installation attempts to make adding and removing modules,
virtual hosts, and extra configuration directives as flexible as possible, in
order to make automating the changes and administering the server as easy as
possible.
It is split into several files forming the configuration hierarchy outlined
below, all located in the /etc/apache2/ directory: /etc/apache2/
|-- apache2.conf
| -- ports.conf
|-- mods-enabled
| |-- *.load
| -- *.conf
|-- conf-enabled
| -- *.conf
-- sites-enabled
-- *.conf * apache2.conf is the main configuration file (this file). It puts the pieces
together by including all remaining configuration files when starting up the
web server. * ports.conf is always included from the main configuration file. It is
supposed to determine listening ports for incoming connections which can be
customized anytime. * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/
directories contain particular configuration snippets which manage modules,
global configuration fragments, or virtual host configurations,
respectively. They are activated by symlinking available configuration files from their
respective *-available/ counterparts. These should be managed by using our
helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See
their respective man pages for detailed information. * The binary is called apache2. Due to the use of environment variables, in
the default configuration, apache2 needs to be started/stopped with
/etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not
work with the default configuration.
Global configuration ServerRoot: The top of the directory tree under which the server’s
configuration, error, and log files are kept. NOTE! If you intend to place this on an NFS (or otherwise network)
mounted filesystem then please read the Mutex documentation (available
at URL:http://httpd.apache.org/docs/2.4/mod/core.html#mutex);
you will save yourself a lot of trouble. Do NOT add a slash at the end of the directory path. #ServerRoot “/etc/apache2” The accept serialization lock file MUST BE STORED ON A LOCAL DISK. #Mutex file:${APACHE_LOCK_DIR} default The directory where shm and other runtime files will be stored. DefaultRuntimeDir ${APACHE_RUN_DIR} PidFile: The file in which the server should record its process
identification number when it starts.
This needs to be set in /etc/apache2/envvars PidFile ${APACHE_PID_FILE} Timeout: The number of seconds before receives and sends time out. Timeout 300 KeepAlive: Whether or not to allow persistent connections (more than
one request per connection). Set to “Off” to deactivate. KeepAlive On MaxKeepAliveRequests: The maximum number of requests to allow
during a persistent connection. Set to 0 to allow an unlimited amount.
We recommend you leave this number high, for maximum performance. MaxKeepAliveRequests 100 KeepAliveTimeout: Number of seconds to wait for the next request from the
same client on the same connection. KeepAliveTimeout 5
These need to be set in /etc/apache2/envvars
User ${APACHE_RUN_USER} Group ${APACHE_RUN_GROUP} HostnameLookups: Log the names of clients or just their IP addresses
e.g., www.apache.org (on) or 204.62.129.132 (off).
The default is off because it’d be overall better for the net if people
had to knowingly turn this feature on, since enabling it means that
each client request will result in AT LEAST one lookup request to the
nameserver. HostnameLookups Off
ErrorLog: The location of the error log file.
If you do not specify an ErrorLog directive within a
container, error messages relating to that virtual host will be
logged here. If you do define an error logfile for a
container, that host’s errors will be logged there and not here. ErrorLog ${APACHE_LOG_DIR}/error.log LogLevel: Control the severity of messages logged to the error_log.
Available values: trace8, …, trace1, debug, info, notice, warn,
error, crit, alert, emerg.
It is also possible to configure the log level for particular modules, e.g.
“LogLevel info ssl:warn” LogLevel warn
Include module configuration:
IncludeOptional mods-enabled/.load IncludeOptional mods-enabled/.conf
Include list of ports to listen on
Include ports.conf
Sets the default security model of the Apache2 HTTPD server. It does
not allow access to the root filesystem outside of /usr/share and /var/www.
The former is used by web applications packaged in Debian,
the latter may be used for local directories served by the web server. If
your system is serving content from a sub-directory in /srv you must allow
access here, or in any related virtual host. Options FollowSymLinks AllowOverride None Require all denied
参数解释
PidFile:记录服务器启动进程号的文件
Timeout:接收和发送前超时秒数
KeepAlive:是否允许稳固的连接(每个连接有多个请求)设为Off则停用
MaxKeepAliveRequests:在稳固连接期间允许的最大请求数设为0表示无限制接入
KeepAliveTimeout:在同一个连接上从同一台客户上接收请求的秒数
User/Group:运行的用户和组
HostnameLookups指定记录用户端的名字还是IP地址 例如本指令为on时记录主机名如www.apache.org为off时记录IP地址204.62.129.132。默认值为off这要比设为on好得多因为如果设为on则每个用户端请求都将会至少造成对 nameserver 进行一次查询。
ErrorLog:错误日志文件定位
LogLevel:控制记录在错误日志文件中的日志信息 可选值debuginfonoticewarnerrorcritalertemerg
Directory在标签对里面可以设置各文件夹属性
Options控制在特定目录中将使用哪些服务器特性
All除MultiViews之外的所有特性这是默认设置 ExecCG允许使用mod_cgi执行CGI脚本 FollowSymLinks服务器允许在此目录中使用符号连接如果此配置位于配置段中则会被忽略 Includes允许使用mod_include提供的服务器端包含 IncludesNOEXEC允许服务器端包含但禁用#exec cmd和#exec cgi但仍可以从ScriptAlias目录使用#include virtual虚拟CGI脚本 Indexes如果一个映射到目录的URL被请求而此目录中又没有DirectoryIndex(例如index.html)那么服务器会返回由mod_autoindex生成的一个格式化后的目录列表 MultiViews允许使用mod_negotiation提供内容协商的多重视图(MultiViews) SymLinksIfOwnerMatch服务器仅在符号连接与其目的目录或文件的拥有者具有相同的uid时才使用它。 如果此配置出现在配置段中则将被忽略 AllowOverride确定允许存在于.htaccess文件中的指令类型 语法AllowOverride All|None|directive-type [directive-type] 如果此指令被设置为None 那么.htaccess文件将被完全忽略。 directive-type可以是下列各组指令之一
AuthConfig : 允许使用与认证授权相关的指令 FileInfo : 允许使用控制文档类型的指令、控制文档元数据的指令、mod_rewrite中的指令、mod_actions中的Action指令 Indexes : 允许使用控制目录索引的指令 Limit : 允许使用控制主机访问的指令 Order控制默认的访问状态与Allow和Deny指令生效的顺序
Deny,Allow : Deny指令在Allow指令之前被评估。默认允许所有访问。任何不匹配Deny指令或者匹配Allow指令的客户都被允许访问 Allow,Deny : Allow指令在Deny指令之前被评估。默认拒绝所有访问。任何不匹配Allow指令或者匹配Deny指令的客户都将被禁止访问 Mutual-failure : 只有出现在Allow列表并且不出现在Deny列表中的主机才被允许访问。这种顺序与Order Allow,Deny具有同样效果 Allow控制哪些主机可以访问服务器的该区域。可以根据主机名、IP地址、 IP地址范围或其他环境变量中捕获的客户端请求特性进行控制。 语法Allow from all|host|envenv-variable [host|envenv-variable]
Deny控制哪些主机被禁止访问服务器的该区域。可以根据主机名、IP地址、 IP地址范围或其他环境变量中捕获的客户端请求特性进行控制。 语法Deny from all|host|envenv-variable [host|envenv-variable]
Require访问限制
all granted表示允许所有主机访问all denied表示拒绝所有主机访问local表示仅允许本地主机访问[not] host 主机名或域名列表表示允许或拒绝指定主机或域名访问[not] ip IP地址或网段列表表示允许或拒绝指定的IP地址或网段访问
AccessFileName设置分布式配置文件的名字默认为.htaccess 如果为某个目录启用了分布式配置文件功能那么在向客户端返回其中的文档时服务器将在这个文档所在的各级目录中查找此配置文件
FilesMatch^.ht拒绝对.ht开头文件的访问,以保护.htaccess文件
LogFormat定义访问日志的格式
