【LAMP环境搭建】配置防盗链、访问控制Directory和访问控制FilesMatch

来源：互联网发布：反贪风暴知乎编辑：程序博客网时间：2024/05/29 03:55

一、配置防盗链

通过限制referer来实现防盗链的功能

配置文件增加如下内容：

vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf

<Directory /data/wwwroot/www.123.com>
SetEnvIfNoCase Referer "http://www.123.com" local_ref
SetEnvIfNoCase Referer "http://123.com" local_ref
SetEnvIfNoCase Referer "^$" local_ref
<filesmatch "\.(txt|doc|mp3|zip|rar|jpg|gif)">
Order Allow,Deny
Allow from env=local_ref
</filesmatch>

</Directory>

curl -e "http://www.aminglinux.com/123.html" 自定义referer

二、访问控制Directory

核心配置文件内容：

vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf

<Directory /data/wwwroot/www.123.com/admin/>
Order deny,allow
Deny from all
Allow from 127.0.0.1

</Directory>

curl测试状态码为403则被限制访问了

三、访问控制FilesMatch

核心配置文件内容：

vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf

<Directory /data/wwwroot/www.123.com>
<FilesMatch "admin.php(.*)">
Order deny,allow
Deny from all
Allow from 127.0.0.1
</FilesMatch>
</Directory>

扩展
几种限制ip的方法：
http://ask.apelearn.com/question/6519

apache 自定义header ：
http://ask.apelearn.com/question/830

apache的keepalive和keepalivetimeout ：
http://ask.apelearn.com/question/556

阅读全文

'); })();