配置 Apache 服务器禁止所有非法域名 访问自己的服务器
时间:2020-10-03 10:15:33|栏目:Linux|点击: 次
1、http2.4.1以前:
第一种 直接拒绝访问
打开 httpd.conf 文件,将一下配置追加到文件最后。
<pre name="code" class="html"><pre name="code" class="html"><pre name="code" class="html">#直接拒绝所有非法域名 <VirtualHost *:80> ServerName * ServerAlias * <Location /> Order Allow,Deny Deny from all </Location> ErrorLog "/alidata/log/httpd/error.log" CustomLog "/alidata/log/httpd/info.log" common </VirtualHost> </pre><pre name="code" class="html"><pre name="code" class="html">#允许的域名 <VirtualHost *:80> DocumentRoot /alidata/www ServerName www.你的域名 ServerAlias www.你的域名 <Directory "/alidata/www"> Options Indexes FollowSymLinks AllowOverride all Order allow,deny Allow from all </Directory> <IfModule mod_rewrite.c> RewriteEngine On RewriteRule ^(.*)-htm-(.*)$ .php? RewriteRule ^(.*)/simple/([a-z0-9\_]+\.html)$ /simple/index.php? </IfModule> ErrorLog "/alidata/log/httpd/error.log" CustomLog "/alidata/log/httpd/info.log" common </VirtualHost>
重启apache服务:service httpd restart
第二种 跳转到指定目录或文件
打开 httpd.conf 文件,将一下配置追加到文件最后。
#所有非法域名跳转到指定目录或文件 <pre name="code" class="html"><pre name="code" class="html"><VirtualHost *:80> #指定目录或文件 DocumentRoot "/yun/www" ServerName * ServerAlias * </VirtualHost> </pre><pre name="code" class="html"><pre name="code" class="html">#允许的域名 <VirtualHost *:80> DocumentRoot /alidata/www/fdt ServerName www.fdt-art.com ServerAlias www.fdt-art.com <Directory "/alidata/www/fdt"> Options Indexes FollowSymLinks AllowOverride all Order allow,deny Allow from all </Directory> <IfModule mod_rewrite.c> RewriteEngine On RewriteRule ^(.*)-htm-(.*)$ .php? RewriteRule ^(.*)/simple/([a-z0-9\_]+\.html)$ /simple/index.php? </IfModule> #错误日志 ErrorLog "/alidata/log/httpd/error.log" CustomLog "/alidata/log/httpd/info.log" common </VirtualHost>
重启apache服务:service httpd restart
2、http2.4.1 以后:
http2.4.1 以后不再需要NameVirtualHost以及不再支持ServerName * 这种写法。
使用ServerName * 会报Invalid ServerName “*” use ServerAlias to set multiple server names.
第一种:直接拒绝
打开 httpd.conf 在文件末尾加上一下代码:
<pre name="code" class="html"><pre name="code" class="html">#禁止所有非法域名 <VirtualHost *:80> ServerName 服务器ip ServerAlias * <Location /> Order Allow,Deny Deny from all </Location> </VirtualHost> <pre name="code" class="html">#允许访问的域名 <VirtualHost *:80> DocumentRoot /alidata/www ServerName www.你的域名 ServerAlias www.你的域名 <Directory "/alidata/www"> Options Indexes FollowSymLinks AllowOverride all Order allow,deny Allow from all </Directory> <IfModule mod_rewrite.c> RewriteEngine On RewriteRule ^(.*)-htm-(.*)$ .php? RewriteRule ^(.*)/simple/([a-z0-9\_]+\.html)$ /simple/index.php? </IfModule> #错误日志保存位置 ErrorLog "/alidata/log/httpd/error.log" CustomLog "/alidata/log/httpd/info.log" common </VirtualHost>
重启apache服务:service httpd restart
第二种:跳转到指定目录或文件
打开 httpd.conf 在文件末尾加上一下代码:
<pre name="code" class="html"><pre name="code" class="html">#禁止所有非法域名 <VirtualHost *:80> DocumentRoot "/alidata/www" ServerName 服务器ip ServerAlias * <Location /alidata/www> Order Allow,Deny Allow from all </Location> </VirtualHost> </pre> <pre name="code" class="html">#允许访问的域名 <VirtualHost *:80> DocumentRoot /alidata/www/fdt ServerName www.fdt-art.com ServerAlias www.fdt-art.com <Directory "/alidata/www/fdt"> Options Indexes FollowSymLinks AllowOverride all Order allow,deny Allow from all </Directory> <IfModule mod_rewrite.c> RewriteEngine On RewriteRule ^(.*)-htm-(.*)$ .php? RewriteRule ^(.*)/simple/([a-z0-9\_]+\.html)$ /simple/index.php? </IfModule> #错误日志保存位置 ErrorLog "/alidata/log/httpd/error.log" CustomLog "/alidata/log/httpd/info.log" common </VirtualHost>
重启apache服务:service httpd restart