Apache

Posted 2021-09-27 芒果牛奶
tags:
篇首语：本文由小常识网(cha138.com)小编为大家整理，主要介绍了Apache相关的知识，希望对你有一定的参考价值。
yum install -y epel-release

mkdir -p /root/download

cd /root/download

wget \'https://centos7.iuscommunity.org/ius-release.rpm\'

yum install -y ius-release.rpm


 

yum install -y --enablerepo=ius-archive httpd php56u php56u-bcmath php56u-cli php56u-common \\
php56u-gd php56u-intl php56u-mbstring php56u-mcrypt php56u-mysqlnd php56u-opcache php56u-pdo \\
php56u-pear php56u-pecl-igbinary php56u-pecl-jsonc php56u-pecl-memcache php56u-pecl-memcached \\
php56u-pecl-redis php56u-process php56u-xml php56u-xmlrpc

    

sed -i \'s/short_open_tag = Off/short_open_tag = On/g\' /etc/php.ini
sed -i \'s/;error_log = syslog/error_log = syslog/g\' /etc/php.ini
sed -i \'s/memory_limit = 128M/memory_limit = 576M/g\' /etc/php.ini
sed -i \'s/;opcache.enable_cli=0/opcache.enable_cli=0/\' /etc/php.d/10-opcache.ini
sed -i \'s/;opcache.validate_timestamps=1/opcache.validate_timestamps=1/\' /etc/php.d/10-opcache.ini
sed -i \'s/opcache.memory_consumption=128/opcache.memory_consumption=512/\' /etc/php.d/10-opcache.ini
sed -i \'s/;opcache.revalidate_freq=2/opcache.revalidate_freq=30/\' /etc/php.d/10-opcache.ini
sed -i \'s/;always_populate_raw_post_data = -1/always_populate_raw_post_data = -1/g\' /etc/php.ini

> /etc/httpd/conf/httpd.conf
vi /etc/httpd/conf/httpd.conf

ServerRoot "/etc/httpd"
ServerTokens prod
PidFile run/httpd.pid

User apache
Group apache

SetEnv SCR8_ENV staging
SetEnv ENVIRONMENT staging

Listen 0.0.0.0:80

ServerAdmin support@xxx.com
ServerName www.xxx.com

UseCanonicalName Off
HostnameLookups Off

KeepAlive On
KeepAliveTimeout 60

DirectoryIndex index.php index.html index.html.var

TypesConfig /etc/mime.types
AccessFileName .htaccess
AcceptPathInfo On

<IfModule prefork.c>
StartServers            128
MinSpareServers         128
MaxSpareServers         1024
ServerLimit             2048
MaxClients              2048
MaxRequestsPerChild     2048
</IfModule>

LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
LoadModule unixd_module modules/mod_unixd.so
LoadModule systemd_module modules/mod_systemd.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_core_module modules/mod_authz_core.so

#LoadModule authz_user_module modules/mod_authz_user.so
#LoadModule auth_basic_module modules/mod_auth_basic.so
#LoadModule authn_file_module modules/mod_authn_file.so
#LoadModule autoindex_module modules/mod_autoindex.so
#LoadModule negotiation_module modules/mod_negotiation.so
#LoadModule headers_module modules/mod_headers.so

LoadModule authz_host_module modules/mod_authz_host.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
LoadModule dir_module modules/mod_dir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
#LoadModule status_module modules/mod_status.so
#LoadModule ssl_module modules/mod_ssl.so
LoadModule env_module modules/mod_env.so
LoadModule php5_module modules/libphp5.so

AddHandler php5-script .php
AddType text/html .php


DocumentRoot /var/www/html

<Directory />
    Options FollowSymLinks
    AllowOverride None
</Directory>

<Directory /var/www/html>
    Options FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

<Location /server-status>
    SetHandler server-status
    Order deny,allow
    Deny from all
    Allow from localhost
</Location>

<Files ~ ^\\.ht>
    Order allow,deny
    Deny from all
    Satisfy All
</Files>

LogLevel warn

<IfModule log_config_module>
#    LogFormat "%{X-Forwarded-For}i %l %u %t \\"%r\\" %>s %b \\"%{Referer}i\\" \\"%{User-Agent}i\\"" combined
    LogFormat "%V \\"%{X-Forwarded-For}i\\" %h %t \\"%r\\" %>s %b \\"%{Referer}i\\" \\"%{User-Agent}i\\"" combined
    LogFormat "%h %l %u %t \\"%r\\" %>s %b" common
    SetEnvIf User-Agent ".*internal dummy connection.*" dontlog
    CustomLog "|/usr/bin/logger -t apache-access -p local6.notice" combined env=!dontlog
    ErrorLog "|/usr/bin/logger -t apache-error -p local6.err"
</IfModule>

<VirtualHost _default_:80>
    ServerAdmin support@xxx.com
    DocumentRoot /var/www/html/default

    ErrorLog "|/usr/bin/logger -t apache-error -p local6.err"
    CustomLog "|/usr/bin/logger -t apache-access -p local6.notice" combined env=!dontlog

    <Directory /var/www/html/default>
        Options FollowSymLinks
    Require all granted
    </Directory>
</VirtualHost>

Include conf.d/*.conf

rm -rf /etc/httpd/conf.d/*

mkdir -p /var/www/html/default
chown -R apache:apache /var/www/html/default

apachectl configtest
setsebool -P httpd_can_network_connect on
setsebool -P httpd_can_network_connect_db on
setsebool -P httpd_can_network_memcache=1
setsebool -P httpd_can_sendmail=1

systemctl enable httpd
systemctl start httpd


download db

https://www.maxmind.com/en/accounts/200702/geoip/downloads
mkdir -p /usr/share/geoip2/
cp GeoLite2-City.mmdb GeoLite2-Country.mmdb /usr/share/geoip2/

auto geoipupdate

cd ~/download/
wget https://github.com/maxmind/geoipupdate/releases/download/v4.2.2/geoipupdate_4.2.2_linux_amd64.tar.gz
tar -xf geoipupdate_4.2.2_linux_amd64.tar.gz
cd geoipupdate_4.2.2_linux_amd64
cp geoipupdate /usr/bin/
vi /etc/GeoIP.conf

AccountID xx
LicenseKey xxxx
EditionIDs GeoLite2-City GeoLite2-Country
DatabaseDirectory /usr/share/geoip2/
LockFile /usr/share/geoip2/.geoipupdate.lock

geoipupdate -V
geoipupdate -f /etc/GeoIP.conf
ls -al /usr/share/geoip2/

add cronjob

echo "0 12 * * 5 root /usr/bin/geoipupdate -f /etc/GeoIP.conf" >> /etc/crontab
以上是关于Apache的主要内容，如果未能解决你的问题，请参考以下文章
apache_conf Linux片段
elasticsearch代码片段，及工具类SearchEsUtil.java
apache_conf 针对.htaccess的安全调整片段。
apache_conf 强大的.htaccess片段，需要在最顶层使用RewriteEngine On
日志片段，类中的Logfactory声明
python分析apache和nginx日志文件输出访客ip列表的代码