实现的原理很简单,就是apache的url_rewrite功能+php程序
url_rewrite代码
301 redirect: 301代表永久性转移(Permanently Moved),301重定向是网页更改地址后对搜索引擎友好(SEO)的最好方法,只要不是暂时搬移的情况,都建议使用301来做转址。
现在知道的有2类,一类是在web服务软件上做(apache,IIS),还有就是在程序里面做(jsp,php,asp,ruby,perl)
继续阅读 »
防止GetRight和Curl来抓取网內的数据的代码
RewriteEngine on
RewriteBase /
RewriteCond %{HTTP_USER_AGENT} ^curl [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetRight
RewriteRule ^.* – [F]
继续阅读 »
This article explains how to set up a two-node load balancer in an active/passive configuration with HAProxy and heartbeat on Debian Etch. The load balancer sits between the user and two (or more) backend Apache web servers that hold the same content. Not only does the load balancer distribute the requests to the two backend Apache servers, it also checks the health of the backend servers. If one of them is down, all requests will automatically be redirected to the remaining backend server. In addition to that, the two load balancer nodes monitor each other using heartbeat, and if the master fails, the slave becomes the master, which means the users will not notice any disruption of the service. HAProxy is session-aware, which means you can use it with any web application that makes use of sessions (such as forums, shopping carts, etc.). 继续阅读 »
Apache中的异常访问,通常指的是频繁、大量访问的用户,通过apache的log,结合linux下的几个命令,可以分析这些用户,并通过apache的配置文件来禁止他们访问。
首先,更改apache的log方式,不记录一些图像、css等文件,这样在log中每一行基本上都能对应一次访问,如果不去除图像等文件的记录,正常用户访问一个页面,同时也会下载页面上的图像、css等文件,会产生多条log记录,影响计数的结果。在apache的conf文件中增加如下配置: 继续阅读 »
mod_ssl里支持SSLProxyEngine指令
直接将其打开即可,这样再加上mod_proxy
于是很容易就有了以下的配置文件内容:
这个建议写到某个<VirtualHost>里,如<VirtualHost _default_:443>
如果是Fc(Fedora Core)的机器,强烈建议先装mod_ssl
然后再在配置文件/etc/httpd/conf.d/ssl.conf中的<VirtualHost _default_:443>的session中添加以上的配置内容
Most vulnerability scanners (like the popular nessus, but commercial ones also) will complain (normally as a low thread or warning level) about TRACE method being enabled on the web server tested.
Normally you will have this enabled by default, but if you want to test if it is really enabled on your server you just have to telnet on the port your web server is running and request for “TRACE / HTTP/1.0” if you get a positive reply it means TRACE is enabled on your system. The output of a server with TRACE enabled will look like:
继续阅读 »