Apache静态元素过期时间和防盗链
作者:互联网
Apache静态元素过期时间
浏览器访问网站的图片时会把静态的文件缓存在本地电脑里,这样下次再访问时就不用去远程下载了。
配置了静态元素过期时间之后会定期清掉文件缓存
要求:第一次访问静态文件状态码为200,之后访问代码为304,将文件缓存到了本地上,通过配置静态元素过期时间实现定期删除静态的文件缓存。
配置静态元素过期时间
1.放开并增加新的模块
vim /usr/local/apache2.4/conf/httpd.conf //主配置文件
LoadModule expires_module modules/mod_expires.so //放开expires模块
vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf //增加expires模块
<VirtualHost *:80>
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot "/usr/local/apache2.4/docs/www.111.com"
ServerName www.111.com
ServerAlias 111.com
<IfModule mod_expires.c>
ExpiresActive on //打开该功能的开关
ExpiresByType image/gif "access plus 1 days"
ExpiresByType image/jpeg "access plus 24 hours"
ExpiresByType image/png "access plus 24 hours"
ExpiresByType text/css "now plus 2 hour"
ExpiresByType application/x-javascript "now plus 2 hours"
ExpiresByType application/javascript "now plus 2 hours"
ExpiresByType application/x-shockwave-flash "now plus 2 hours"
ExpiresDefault "now plus 0 min" //其他的没有缓存
</IfModule>
ErrorLog "logs/www.111.com-error_log"
CustomLog "logs/www.111.com-access_log" combined
</VirtualHost>
/usr/local/apache2.4/bin/apachectl -t
/usr/local/apache2.4/bin/apachectl graceful
2.对比配置前后的参数信息
[root@antong extra]# curl -xlocalhost:80 www.111.com/images/img.jpg -I //配置前
HTTP/1.1 200 OK
Date: Sat, 07 Aug 2021 04:17:46 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.30
Last-Modified: Wed, 04 Aug 2021 18:02:13 GMT
ETag: "ede7-5c8bf9a161340"
Accept-Ranges: bytes
Content-Length: 60903
Content-Type: image/jpeg
[root@antong extra]# curl -xlocalhost:80 www.111.com/images/img.jpg -I //配置后
HTTP/1.1 200 OK
Date: Sat, 07 Aug 2021 04:20:12 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.30
Last-Modified: Wed, 04 Aug 2021 18:02:13 GMT
ETag: "ede7-5c8bf9a161340"
Accept-Ranges: bytes
Content-Length: 60903
Cache-Control: max-age=86400 //过期时间
Expires: Sun, 08 Aug 2021 04:20:12 GMT
Content-Type: image/jpeg
Apache防盗链
底层原理:通过限制referer来实现防盗链的功能
会有黑客占用别人服务器的资源显示它们的东西,会被占用压力。
配置防盗链
1.在配置文件添加Referer
vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf //增加expires模块
<VirtualHost *:80>
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot "/usr/local/apache2.4/docs/www.111.com"
ServerName www.111.com
ServerAlias 111.com
<Directory /usr/local/apache2.4/docs/www.111.com>
SetEnvIfNoCase Referer "http://www.111.com" local_ref //设置白名单
SetEnvIfNoCase Referer "http://111.com" local_ref
SetEnvIfNoCase Referer "^$" local_ref //空的Referer能够直接访问
<filesmatch "\.(txt|doc|mp3|zip|rar|jpg|gif)"> //定义这些文件不设置白名单
Order Allow,Deny //定义一个顺序,先允许或先拒绝。看谁写在前面
Allow from env=local_ref //允许写下了前面,允许local_ref访问
</filesmatch>
</Directory>
ErrorLog "logs/www.111.com-error_log"
CustomLog "logs/www.111.com-access_log" combined
</VirtualHost>
/usr/local/apache2.4/bin/apachectl -t
/usr/local/apache2.4/bin/apachectl graceful
2.curl来查看配置结果
[root@antong extra]# curl -e "http://www.111.com/123.php" -xlocalhost:80 www.111.com/images/img.jpg -I //因为从白名单跳转过来的可以访问
HTTP/1.1 200 OK
Date: Sat, 07 Aug 2021 04:45:50 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.30
Last-Modified: Wed, 04 Aug 2021 18:02:13 GMT
ETag: "ede7-5c8bf9a161340"
Accept-Ranges: bytes
Content-Length: 60903
Content-Type: image/jpeg
[root@antong extra]# curl -e "http://www.douxue.com/123.php" -xlocalhost:80 www.111.com/images/img.jpg -I //因为不是从白名单跳转过来的不可以访问
HTTP/1.1 403 Forbidden
Date: Sat, 07 Aug 2021 04:44:14 GMT
Server: Apache/2.4.33 (Unix) PHP/5.6.30
Content-Type: text/html; charset=iso-8859-1
标签:过期,local,www.111,plus,usr,Apache,com,防盗链,apache2.4 来源: https://www.cnblogs.com/antong/p/15111643.html