配置防盗链、访问控制Directory、访问控制FilesMatch

时间 2019-11-10

标签配置防盗访问控制 directory filesmatch 繁體版

原文原文链接

11月19日任务php

11.25 配置防盗链html

11.26 访问控制Directorylinux

11.27 访问控制FilesMatchapache

经过限制referer来实现防盗链的功能
配置文件增长以下内容
<Directory /data/wwwroot/www.123.com>
SetEnvIfNoCase Referer "http://www.123.com" local_ref
SetEnvIfNoCase Referer "http://123.com" local_ref
SetEnvIfNoCase Referer "^$" local_ref
<filesmatch "\.(txt|doc|mp3|zip|rar|jpg|gif)">
Order Allow,Deny
Allow from env=local_ref
</filesmatch>
</Directory>
curl -e "http://www.aminglinux.com/123.html" 自定义referer

11.25 配置防盗链vim

[root@zgxlinux-01 ~]# vim /usr/local/apache2.4.37/conf/extra/httpd-vhosts.conf
curl

[root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/apachectl -t
Syntax OK
[root@zgxlinux-01 ~]# /usr/local/apache2.4.37/bin/apachectl graceful
测试

#把猿课论坛加入白名单就能够进行访问了。this

11.26 访问控制Directoryurl

核心配置文件内容
<Directory /data/wwwroot/www.123.com/admin/>
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Directory>
curl测试状态码为403则被限制访问了3d

[root@zgxlinux-01 111.com]# curl -x127.0.0.1:80 111.com/admin/index.php
121212
[root@zgxlinux-01 111.com]# curl -x192.168.56.128:80 111.com/admin/index.php
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /admin/index.php
on this server.<br />
</p>
</body></html>

11.27 访问控制FilesMatch

核心配置文件内容
<Directory /data/wwwroot/www.123.com>
<FilesMatch "admin.php(.*)">
Order deny,allow
Deny from all
Allow from 127.0.0.1
</FilesMatch>
</Directory>