11.18 Apache用户认证 - 11.19/11.20 域名跳转 - 11.21 Apache访问日志

Posted

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了11.18 Apache用户认证 - 11.19/11.20 域名跳转 - 11.21 Apache访问日志相关的知识,希望对你有一定的参考价值。

- 11.18 Apache用户认证
- 11.19/11.20 域名跳转
- 11.21 Apache访问日志
- 扩展 
- apache虚拟主机开启php的短标签 http://ask.apelearn.com/question/5370


# 11.18 apache用户认证
### httpd的用户认证
- vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf //把123.com那个虚拟主机编辑成如下内容
```
<VirtualHost *:80>
    DocumentRoot "/data/wwwroot/www.123.com"
    ServerName www.123.com
    <Directory /data/wwwroot/www.123.com> //指定认证的目录
        AllowOverride AuthConfig //这个相当于打开认证的开关
        AuthName "123.com user auth" //自定义认证的名字,作用不大
        AuthType Basic //认证的类型,一般为Basic,其他类型阿铭没用过
        AuthUserFile /data/.htpasswd  //指定密码文件所在位置
        require valid-user //指定需要认证的用户为全部可用用户
    </Directory>
</VirtualHost>
 /usr/local/apache2.4/bin/htpasswd -cm /data/.htpasswd aming 
 ```

- 先开打虚拟主机配置文件
```
[[email protected] ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf 

# Please see the documentation at 
# <URL:http://httpd.apache.org/docs/2.4/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option ‘-S‘ to verify your virtual host
# configuration.

#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for all requests that do not
# match a ServerName or ServerAlias in any <VirtualHost> block.
#
<VirtualHost *:80>
    DocumentRoot "/data/wwwroot/abc.com"
    ServerName abc.com
    ServerAlias www.abc.com www.123.com
    ErrorLog "logs/abc.com-error_log"
    CustomLog "logs/abc.com-access_log" common
</VirtualHost>

<VirtualHost *:80>
    DocumentRoot "/data/wwwroot/111.com"
    ServerName 111.com
    ServerAlias www.example.com
    ErrorLog "logs/111.com-error_log"
    CustomLog "logs/111.com-access_log" common
</VirtualHost>


                                                                  37,5          93%
```

-  把文件内容改为
```
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for all requests that do not
# match a ServerName or ServerAlias in any <VirtualHost> block.
#
<VirtualHost *:80>
    DocumentRoot "/data/wwwroot/abc.com"
    ServerName abc.com
    ServerAlias www.abc.com www.123.com
    ErrorLog "logs/abc.com-error_log"
    CustomLog "logs/abc.com-access_log" common
</VirtualHost>

<VirtualHost *:80>
    DocumentRoot "/data/wwwroot/111.com"
    ServerName 111.com
    ServerAlias www.example.com
    <Directory /data/wwwroot/111.com>
        AllowOverride AuthConfig
        AuthName "111.com user auth"
        AuthType Basic
        AuthUserFile /data/.htpasswd
        require valid-user
    </Directory>
    ErrorLog "logs/111.com-error_log"
    CustomLog "logs/111.com-access_log" common
</VirtualHost>


:wq         
```

- /usr/local/apache2.4/bin/htpasswd -c -m /data/.htpasswd aming
- -c 是creaate 创建用户  -m 是使用MD5方式 加密  /data/.htpasswd 指定密码文件目录  aming 是创建的新用户
```
[[email protected] ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf 
[[email protected] ~]# /usr/local/apache2.4/bin/htpasswd -c -m /data/.htpasswd aming
New password: 
Re-type new password: 
Adding password for user aming
[[email protected] ~]# 

[[email protected] ~]# cat /data/.htpasswd
aming:$apr1$EXwYfiem$WmlVecIGEuLU781VJMO6y/
[[email protected] ~]# ls /data/.htpasswd
/data/.htpasswd
[[email protected] ~]# 

```
- 再增加一个用户zhangsan
```
[[email protected] ~]# /usr/local/apache2.4/bin/htpasswd -m /data/.htpasswd zhangsan
New password: 
Re-type new password: 
Adding password for user zhangsan
[[email protected] ~]# 

[[email protected] ~]# cat /data/.htpasswd 
aming:$apr1$hRjEjYks$LpCPxZ/PUOvox0ZE5Qea9.
zhangsan:$apr1$cwKQ8Lwu$P.iw/DySVIn2sBrAF3AUb0
[ro[email protected] ~]# 

```

-  重新加载配置-t , graceful  绑定hosts,浏览器测试
-  curl -x127.0.0.1:80 www.123.com //状态码为401
-  curl -x127.0.0.1:80 -uaming:passwd www.123.com //状态码为200
```
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl graceful
[[email protected] ~]# 

[[email protected] ~]# curl -x127.0.0.1:80 111.com
<!DOCTYPE html PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>Unauthorized</h1>
<p>This server could not verify that you
are authorized to access the document
requested.  Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn‘t understand how to supply
the credentials required.</p>
</body></html>
[[email protected] ~]# 

[[email protected] ~]# curl -x127.0.0.1:80 111.com -I
HTTP/1.1 401 Unauthorized
Date: Sun, 08 Oct 2017 14:59:22 GMT
Server: Apache/2.4.27 (Unix) PHP/7.1.6
WWW-Authenticate: Basic realm="111.com user auth"
Content-Type: text/html; charset=iso-8859-1

[[email protected] ~]# 
```
-  401 这个状态码 ,是说明你访问的内容需要做用户验证
-  同样也可以在浏览器里面看下,前提你要在windows hosts文件里定义111.com
-  ![mark](http://oqxf7c508.bkt.clouddn.com/blog/20171008/230249462.png?imageslim)

```
[[email protected] ~]# curl -x127.0.0.1:80 -uaming:123456 111.com -I
HTTP/1.1 200 OK
Date: Sun, 08 Oct 2017 15:50:41 GMT
Server: Apache/2.4.27 (Unix) PHP/7.1.6
X-Powered-By: PHP/7.1.6
Content-Type: text/html; charset=UTF-8

[[email protected] ~]# curl -x127.0.0.1:80 -uaming:123456 111.com
111.com[[email protected] ~]# 
```
- 故意输错密码,又是这样
```
111.com[[email protected] ~]# curl -x127.0.0.1:80 -uaming:12345 111.com
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>Unauthorized</h1>
<p>This server could not verify that you
are authorized to access the document
requested.  Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn‘t understand how to supply
the credentials required.</p>
</body></html>
[[email protected] ~]# 
```
- 关于用户认证还有另一种需求,不想针对所有的目录,一个网站总有一个敏感信息,比如一些后台访问的数据,做一个认证,针对某一个文件,做一个认证
- 打开配置文件
```
<VirtualHost *:80>
    DocumentRoot "/data/wwwroot/111.com"
    ServerName 111.com
    ServerAlias www.example.com
   # <Directory /data/wwwroot/111.com>
     <FilesMatch 123.php>
        AllowOverride AuthConfig
        AuthName "111.com user auth"
        AuthType Basic
        AuthUserFile /data/.htpasswd
        require valid-user
     <FilesMatch>
   # </Directory>
    ErrorLog "logs/111.com-error_log"
    CustomLog "logs/111.com-access_log" common
</VirtualHost>

:wq                    
```
- 把diretory 注释掉,换上<FilesMatch 123.php>
```
[[email protected] ~]# !vi
vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf 
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl -t
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl graceful
[[email protected] ~]# vim /data/wwwroot/111.com/123.php

<?
echo "123.php";
~                                                                                   
~               


[[email protected] ~]# vim /data/wwwroot/111.com/123.php
[[email protected] ~]# !curl
curl -x127.0.0.1:80 -uaming:12345 111.com
111.com[[email protected] ~]# curl -x127.0.0.1:80 111.com
111.com[[email protected] ~]# curl -x127.0.0.1:80 111.com -I
HTTP/1.1 200 OK
Date: Sun, 08 Oct 2017 16:20:06 GMT
Server: Apache/2.4.27 (Unix) PHP/7.1.6
X-Powered-By: PHP/7.1.6
Content-Type: text/html; charset=UTF-8

[[email protected] ~]# 
```
- 当使用123.php的时候
```
[[email protected] ~]# curl -x127.0.0.1:80 -uaming:123456 111.com/123.php -I
HTTP/1.1 200 OK
Date: Sun, 08 Oct 2017 16:21:36 GMT
Server: Apache/2.4.27 (Unix) PHP/7.1.6
X-Powered-By: PHP/7.1.6
Content-Type: text/html; charset=UTF-8

[[email protected] ~]# 
[[email protected] ~]# curl -x127.0.0.1:80 -uaming:123456 111.com/123.php
123.php[[email protected] ~]# 
[[email protected] ~]# 
[[email protected] ~]# 
[[email protected] ~]# 
[[email protected] ~]# 

```





# 11.19 域名跳转 上

- 需求,把123.com域名跳转到www.123.com,配置如下:
```
<VirtualHost *:80>
    DocumentRoot "/data/wwwroot/www.123.com"
    ServerName www.123.com
    ServerAlias 123.com
    <IfModule mod_rewrite.c> //需要mod_rewrite模块支持
        RewriteEngine on  //打开rewrite功能
        RewriteCond %{HTTP_HOST} !^www.123.com$  //定义rewrite的条件,主机名(域名)不是www.123.com满足条件
        RewriteRule ^/(.*)$ http://www.123.com/$1 [R=301,L] //定义rewrite规则,当满足上面的条件时,这条规则才会执行
</IfModule>
</VirtualHost> 
```
-  /usr/local/apache2/bin/apachectl -M|grep -i rewrite //若无该模块,需要编辑配置文件httpd.conf,删除rewrite_module (shared) 前面的#
 curl -x127.0.0.1:80 -I 123.com //状态码为301


- 首先打开虚拟主机配置文件,把之前的配置的参数注释掉,暂时不用它了
```
[[email protected] ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf 

# You may use the command line option ‘-S‘ to verify your virtual host
# configuration.

#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for all requests that do not
# match a ServerName or ServerAlias in any <VirtualHost> block.
#
<VirtualHost *:80>
    DocumentRoot "/data/wwwroot/abc.com"
    ServerName abc.com
    ServerAlias www.abc.com www.123.com
    ErrorLog "logs/abc.com-error_log"
    CustomLog "logs/abc.com-access_log" common
</VirtualHost>

<VirtualHost *:80>
    DocumentRoot "/data/wwwroot/111.com"
    ServerName 111.com
    ServerAlias www.example.com
    #<Directory /data/wwwroot/111.com>
    <FilesMatch 123.php>
        AllowOverride AuthConfig
        AuthName "111.com user auth"
        AuthType Basic
        AuthUserFile /data/.htpasswd
        require valid-user
    </FilesMatch>
    #</Directory>
    ErrorLog "logs/111.com-error_log"
    CustomLog "logs/111.com-access_log" common
</VirtualHost>
                                                                  46,1          95%
```
- 打开注释掉之前配置的,
```
</VirtualHost>

<VirtualHost *:80>
    DocumentRoot "/data/wwwroot/111.com"
    ServerName 111.com
    ServerAlias www.example.com 
    #<Directory /data/wwwroot/111.com>
    # <FilesMatch 123.php>    
    #   AllowOverride AuthConfig 
    #   AuthName "111.com user auth" 
    #   AuthType Basic 
    #   AuthUserFile /data/.htpasswd 
    #   require valid-user
    #</FilesMatch> 
    #</Directory>
    <IfModule mod_rewrite.c> //需要mod_rewrite模块支持
        RewriteEngine on  //打开rewrite功能 on表示打开
        RewriteCond %{HTTP_HOST} !^111.com$  //定义rewrite的条件,主机名(域名)
不是111.com满足条件 !表示取反的意思,不是111.com
        RewriteRule ^/(.*)$ http://www.123.com/$1 [R=301,L] //定义rewrite规则,当满>足上面的条件时,这条规则才会执行
    </IfModule>
```

- 写好后,退出保存
```
<VirtualHost *:80>
    DocumentRoot "/data/wwwroot/111.com"
    ServerName 111.com
    ServerAlias www.example.com 2111.com.cn
    #<Directory /data/wwwroot/111.com>
    # <FilesMatch 123.php>    
    #   AllowOverride AuthConfig 
    #   AuthName "111.com user auth" 
    #   AuthType Basic 
    #   AuthUserFile /data/.htpasswd 
    #   require valid-user
    #</FilesMatch> 
    #</Directory>
    <IfModule mod_rewrite.c>
        RewriteEngine on
        RewriteCond %{HTTP_HOST} !^111.com$        RewriteRule ^/(.*)$ http://111.com/$1 [R=301,L] 
    </IfModule>

    ErrorLog "logs/111.com-error_log"
    CustomLog "logs/111.com-access_log" common
</VirtualHost>

:wq   

[[email protected] ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf 

[1]+  已停止               vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
[[email protected] ~]# ls /data/wwwroot/111.com/
123.php  index.php
[[email protected] ~]# fg
vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
[[email protected] ~]# 

```









# 11.20 域名跳转 下
- 改好配置文件需要重新 检测 加载一下
```
vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl graceful
httpd not running, trying to start
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl start
httpd (pid 2297) already running
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl graceful
[[email protected] ~]# 
```
- 需要先检测一下apache 有没有加载rewrite模块
```
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl -M |grep rewrite
```
- 因为我们在编译的时候指定了most ,所有这个模块一定存在的,如果没有,那就需要打开配置文件,搜下rewrite
```
[[email protected] ~]# vi /usr/local/apache2.4/conf/httpd.conf


#LoadModule speling_module modules/mod_speling.so
#LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
#LoadModule rewrite_module modules/mod_rewrite.so
#LoadModule php5_module        modules/libphp5.so
LoadModule php7_module        modules/libphp7.so

<IfModule unixd_module>
#
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
#
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
#
```
- 把#LoadModule rewrite_module modules/mod_rewrite.so 这一行#去掉,让这个模块可以加载出来
```
LoadModule rewrite_module modules/mod_rewrite.so
#LoadModule php5_module        modules/libphp5.so
LoadModule php7_module        modules/libphp7.so

<IfModule unixd_module>
#
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
#
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
#
:wq


[[email protected] ~]# vi /usr/local/apache2.4/conf/httpd.conf
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl graceful
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl -M |grep rewrite
 rewrite_module (shared)
[[email protected] ~]# 

```
- 模块现在加载出来了 
- cat下虚拟主机配置文件内容
```
[[email protected] ~]# cat /usr/local/apache2.4/conf/extra/httpd-vhosts.conf

<VirtualHost *:80>
    DocumentRoot "/data/wwwroot/111.com"
    ServerName 111.com
    ServerAlias www.example.com 2111.com.cn
    #<Directory /data/wwwroot/111.com>
    # <FilesMatch 123.php>    
    #   AllowOverride AuthConfig 
    #   AuthName "111.com user auth" 
    #   AuthType Basic 
    #   AuthUserFile /data/.htpasswd 
    #   require valid-user
    #</FilesMatch> 
    #</Directory>
    <IfModule mod_rewrite.c> 
        RewriteEngine on
        RewriteCond %{HTTP_HOST} !^111.com$ 
        RewriteRule ^/(.*)$ http://111.com/$1 [R=301,L]
    </IfModule>

    ErrorLog "logs/111.com-error_log"
    CustomLog "logs/111.com-access_log" common
</VirtualHost>

[[email protected] ~]# 

```
- 再来看下
```
[[email protected] ~]# netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      839/sshd            
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1605/master         
tcp6       0      0 :::3306                 :::*                    LISTEN      1257/mysqld         
tcp6       0      0 :::80                   :::*                    LISTEN      2297/httpd          
tcp6       0      0 :::22                   :::*                    LISTEN      839/sshd            
tcp6       0      0 ::1:25                  :::*                    LISTEN      1605/master         
[[email protected] ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.202.131  netmask 255.255.255.0  broadcast 192.168.202.255
        inet6 fe80::ecdd:28b7:612b:cb7  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:2e:28:f2  txqueuelen 1000  (Ethernet)
        RX packets 2376  bytes 228809 (223.4 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1777  bytes 244117 (238.3 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1  (Local Loopback)
        RX packets 72  bytes 6260 (6.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 72  bytes 6260 (6.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[[email protected] ~]# curl -x192.168.202.131:80 111.com
111.com[[email protected] ~]# 
[[email protected] ~]# curl -x192.168.202.131:80 2111.com.cn -I
HTTP/1.1 200 OK
Date: Mon, 09 Oct 2017 12:30:02 GMT
Server: Apache/2.4.27 (Unix) PHP/7.1.6
X-Powered-By: PHP/7.1.6
Content-Type: text/html; charset=UTF-8

[[email protected] ~]# curl -x192.168.202.131:80 2111.com.cn
abc.com[[email protected] ~]# 
[[email protected] ~]# curl -x192.168.202.131:80 111.com/123.php -I
HTTP/1.1 200 OK
Date: Mon, 09 Oct 2017 12:32:46 GMT
Server: Apache/2.4.27 (Unix) PHP/7.1.6
X-Powered-By: PHP/7.1.6
Content-Type: text/html; charset=UTF-8
```
- 如果把配置文件里面的 granted 改为denied 就会变成403
```
[[email protected] ~]# vim /usr/local/apache2.4/conf/httpd.conf

# Deny access to the entirety of your server‘s filesystem. You must
# explicitly permit access to web content directories in other 
# <Directory> blocks below.
#
<Directory />
    AllowOverride none
    #Require all granted
    Require all denied
</Directory>



[[email protected] ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl graceful
[[email protected] ~]# curl -x192.168.202.131:80 http://111.com/123.php -I
HTTP/1.1 403 Forbidden
Date: Mon, 09 Oct 2017 12:37:18 GMT
Server: Apache/2.4.27 (Unix) PHP/7.1.6
Content-Type: text/html; charset=iso-8859-1

[[email protected] ~]# 
```

- 再进入配置文件 把它改回granted 
```
<Directory />
    AllowOverride none
    Require all granted
</Directory>

#
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something‘s not working as
# you might expect, make sure that you have specifically enabled it
# below.
#

#
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
:wq  
```
- 现在再来访问就好了
```
[[email protected] ~]# vim /usr/local/apache2.4/conf/httpd.conf
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl graceful
[[email protected] ~]# curl -x192.168.202.131:80 http://111.com/123.php -I
HTTP/1.1 200 OK
Date: Mon, 09 Oct 2017 12:41:18 GMT
Server: Apache/2.4.27 (Unix) PHP/7.1.6
X-Powered-By: PHP/7.1.6
Content-Type: text/html; charset=UTF-8

[[email protected] ~]# 
```
- 这个就是域名跳转,也叫做域名重定向
- 





# 11.21 apache的访问日志

-访问日志记录用户的每一个请求
 vim /usr/local/apache2.4/conf/httpd.conf //搜索LogFormat 
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common 
 



- 先查看下虚拟主机配置文件内容
```
[[email protected] ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
[[email protected] ~]# ls /usr/local/apache2.4/logs/
111.com-access_log  abc.com-access_log  access_log  httpd.pid
111.com-error_log   abc.com-error_log   error_log
[[email protected] ~]# ls /usr/local/apache2.4/logs/111.com-access_log
/usr/local/apache2.4/logs/111.com-access_log
[[email protected] ~]# cat !$
127.0.0.1 - - [08/Oct/2017:23:31:59 +0800] "GET HTTP://111.com/ HTTP/1.1" 401 381
127.0.0.1 - - [08/Oct/2017:23:32:05 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 401 -
127.0.0.1 - aming [08/Oct/2017:23:50:41 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 200 -
127.0.0.1 - aming [08/Oct/2017:23:51:08 +0800] "GET HTTP://111.com/ HTTP/1.1" 200 7
127.0.0.1 - aming [08/Oct/2017:23:55:20 +0800] "GET HTTP://111.com/ HTTP/1.1" 401 381
127.0.0.1 - aming [09/Oct/2017:00:19:28 +0800] "GET HTTP://111.com/ HTTP/1.1" 200 7
127.0.0.1 - - [09/Oct/2017:00:19:55 +0800] "GET HTTP://111.com/ HTTP/1.1" 200 7
127.0.0.1 - - [09/Oct/2017:00:20:06 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 200 -
127.0.0.1 - aming [09/Oct/2017:00:21:36 +0800] "HEAD HTTP://111.com/123.php HTTP/1.1" 200 -
127.0.0.1 - aming [09/Oct/2017:00:22:38 +0800] "GET HTTP://111.com/123.php HTTP/1.1" 200 7
127.0.0.1 - aming [09/Oct/2017:00:26:45 +0800] "GET HTTP://111.com/123.php HTTP/1.1" 200 7
192.168.202.131 - - [09/Oct/2017:20:29:12 +0800] "GET HTTP://111.com/ HTTP/1.1" 200 7
192.168.202.131 - - [09/Oct/2017:20:32:46 +0800] "HEAD HTTP://111.com/123.php HTTP/1.1" 200 -
192.168.202.131 - - [09/Oct/2017:20:37:18 +0800] "HEAD http://111.com/123.php HTTP/1.1" 403 -
192.168.202.131 - - [09/Oct/2017:20:41:18 +0800] "HEAD http://111.com/123.php HTTP/1.1" 200 -
[[email protected] ~]# 

```
- HEAD是curl 弄出来的 
- 192.168.202.131 来源的ip 
- [09/Oct/2017:20:32:46 +0800]时间
- "HEAD 行为
- HTTP://111.com/123.php 访问的域名
- HTTP/1.1 它的http的版本1.1
- 200 状态码 200
- 7  是它的大小
- 

- 关于日志,是可给它定义格式的,在那里定义呢? 打开主配置文件vim /usr/local/apache2.4/conf/httpd.conf  搜log,找到LogFormat
```
[[email protected] ~]# vim /usr/local/apache2.4/conf/httpd.conf

<IfModule log_config_module>
    #
    # The following directives define some format nicknames for use with
    # a CustomLog directive (see below).
    #
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common

    <IfModule logio_module>
      # You need to enable mod_logio.c to use %I and %O
      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    </IfModule>
```
- LogFormat "%h %l %u %t \"%r\" %>s %b" common 
- h 你的来源ip  l 用户 u 用户名密码  t 时间 r ruquest 行为,网址,s 状态码 ,b 就是它的大小
- 另外一种格式,除了这些东西之外,还有Referer 、 User-Agent (用户代理,通过浏览器,通过curl访问,最终通过网站的内容,是通过浏览器,或者crul 代理的,这个浏览器就是 用户代理,)
- Referer ,比如访问一个网站,进入到首页,又点了一个首页笔记,这个时候服务器上记录这条日志,它还会记录一条信息Referer ,referer 就是这个一个网址跳过来,你访问这个页面的日志,它记录的rerferer 就是它

- 怎么去配置它的日志

- 把虚拟主机配置文件改成如下: 
```
 <VirtualHost *:80>
    DocumentRoot "/data/wwwroot/www.123.com"
    ServerName www.123.com
    ServerAlias 123.com
    CustomLog "logs/123.com-access_log" combined
</VirtualHost>
 重新加载配置文件 -t,graceful
 curl -x127.0.0.1:80 -I 123.com 
 tail /usr/local/apache2.4/logs/123.com-access_log 
```

- 首先进入虚拟主机配置文件下面
```
[[email protected] ~]# vim /usr/local/apache2.4/conf/httpd.conf
[[email protected] ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf


    <IfModule mod_rewrite.c>
        RewriteEngine on
        RewriteCond %{HTTP_HOST} !^111.com$
        RewriteRule ^/(.*)$ http://111.com/$1 [R=301,L]
    </IfModule>

    ErrorLog "logs/111.com-error_log"
    CustomLog "logs/111.com-access_log" common
</VirtualHost>

"/usr/local/apache2.4/conf/extra/httpd-vhosts.conf" 53L, 1705C    51,1         底端

```
- 定义一个新的格式 common 改成 combined
```
    <IfModule mod_rewrite.c>
        RewriteEngine on
        RewriteCond %{HTTP_HOST} !^111.com$
        RewriteRule ^/(.*)$ http://111.com/$1 [R=301,L]
    </IfModule>

    ErrorLog "logs/111.com-error_log"
    CustomLog "logs/111.com-access_log" combined
</VirtualHost>

:wq       

[[email protected] ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[[email protected] ~]# /usr/local/apache2.4/bin/apachectl graceful
[[email protected] ~]# curl -x192.168.202.131:80 http://111.com/123.php -I
HTTP/1.1 200 OK
Date: Mon, 09 Oct 2017 14:01:53 GMT
Server: Apache/2.4.27 (Unix) PHP/7.1.6
X-Powered-By: PHP/7.1.6
Content-Type: text/html; charset=UTF-8

[[email protected] ~]# 

[[email protected] ~]# curl -x192.168.202.131:80 http://111.com/123.php -I
HTTP/1.1 200 OK
Date: Mon, 09 Oct 2017 14:02:25 GMT
Server: Apache/2.4.27 (Unix) PHP/7.1.6
X-Powered-By: PHP/7.1.6
Content-Type: text/html; charset=UTF-8

[[email protected] ~]# 

```
- 再用浏览器访问下 
- 再看看它的日志
```
[roo[email protected] ~]# cat /usr/local/apache2.4/logs/111.com-access_log



192.168.202.131 - - [09/Oct/2017:22:01:53 +0800] "HEAD http://111.com/123.php HTTP/1.1" 200 - "-" "curl/7.29.0"
192.168.202.131 - - [09/Oct/2017:22:02:25 +0800] "HEAD http://111.com/123.php HTTP/1.1" 200 - "-" "curl/7.29.0"
[[email protected] ~]# 
```
- curl 访问的有 这个crul/7.29.0 但是没有rerferer  并没有记录Rerferer ,因为仅仅是记录crul的,不存在Rerferer一说,浏览器访问的,同样也没有Rerferer ,刷新试试还是没有,只是刷新还是不行,要做一个Rerferer ,需要点一次跳转,


- 192.168.133.1 – – [01/Aug/2017:01:01:21 +0800] “GET /favicon.ico HTTP/1.1” 404 209 “http://111.com/123.php” “Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.104 Safari/537.36 Core/1.53.3226.400 QQBrowser/9.6.11681.400”

- 需要类似于这样的日志,才是浏览器访问的日志,里面有Rerferer
- 这个就是叫做Rerferer   http://111.com/123.php” “Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.104 Safari/537.36 Core/1.53.3226
Chrome/53.0.2785.104 Safari/537.36 Core/1.53.3226.400 QQBrowser/9.6.11681.400”






## 扩展
- apache虚拟主机开启php的短标签 http://ask.apelearn.com/question/5370
- 针对apache的虚拟主机开启php短标签

- 在对应的 虚拟主机 配置文件中加入


    ......
    ......
    ......
    php_admin_flag short_open_tag on

以上是关于11.18 Apache用户认证 - 11.19/11.20 域名跳转 - 11.21 Apache访问日志的主要内容,如果未能解决你的问题,请参考以下文章

11.18 Apache用户认证 - 11.19/11.20 域名跳转 - 11.21 Apache访问日志

11.18 Apache用户认证 11.19/11.20 域名跳转 11.21 Apache访问日志

11.18 Apache用户认证;11.19-11.20 域名跳转(上下);11.21 Apache

11.18 Apache用户认证11.19 11.20 域名跳转11.21 Apache访问日志

11.18 Apache用户认证 11.19/11.20 域名跳转 11.21 Apache访问日志

2018-5-29