Apache服务器配置全攻略(四)
Options FollowSymLinks
AllowOverride None
Apache服务器可以针对目录进行文档的访问控制,然而访问控制可以通过两
种方式来实现,一个是在设置文件 httpd.conf(或access.conf)中针对每个目
录进行设置,另一个方法是在每个目录下设置访问控制文件,通常访问控制文件
名字为.htaccess。虽然使用这两个方式都能用于控制浏览器的访问,然而使用配置文件的方法要求每次改动后重新启动httpd守护进程,比较不灵活,因此主要用于配置服务器系统的整体安全控制策略,而使用每个目录下的.htaccess文件设置具体目录的访问控制更为灵活方便。
Directory语句就是用来定义目录的访问限制的,这里可以看出它的标准语法,为一个目录定义访问限制。上例的这个设置是针对系统的根目录进行的,设置了允许符号连接的选项FollowSymLinks ,以及使用AllowOverride None表示不允许这个目录下的访问控制文件来改变这里进行的配置,这也意味着不用查看这个目录下的相应访问控制文件。
由于Apache对一个目录的访问控制设置是能够被下一级目录继承的,因此对
根目录的设置将影响到它的下级目录。注意由于AllowOverride None的设置,使
得Apache服务器不需要查看根目录下的访问控制文件,也不需要查看以下各级目
录下的访问控制文件,直至httpd.conf(或access.conf )中为某个目录指定了
允许Alloworride,即允许查看访问控制文件。由于Apache对目录访问控制是采用的继承方式,如果从根目录就允许查看访问控制文件,那么Apache就必须一级一级的查看访问控制文件,对系统性能会造成影响。而缺省关闭了根目录的这个特性,就使得Apache从httpd.conf中具体指定的目录向下搜寻,减少了搜寻的级数,增加了系统性能。因此对于系统根目录设置AllowOverride None不但对于系统安全有帮助,也有益于系统性能。
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
这里定义的是系统对外发布文档的目录的访问设置,设置不同的 AllowOverride选项,以定义配置文件中的目录设置和用户目录下的安全控制文件的关系,而Options选项用于定义该目录的特性。
配置文件和每个目录下的访问控制文件都可以设置访问限制,设置文件是由
管理员设置的,而每个目录下的访问控制文件是由目录的属主设置的,因此管理
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1359
52
How to conduct concurrency testing and debugging in Java concurrent programming?
May 09, 2024 am 09:33 AM
Concurrency testing and debugging Concurrency testing and debugging in Java concurrent programming are crucial and the following techniques are available: Concurrency testing: Unit testing: Isolate and test a single concurrent task. Integration testing: testing the interaction between multiple concurrent tasks. Load testing: Evaluate an application's performance and scalability under heavy load. Concurrency Debugging: Breakpoints: Pause thread execution and inspect variables or execute code. Logging: Record thread events and status. Stack trace: Identify the source of the exception. Visualization tools: Monitor thread activity and resource usage.
How to add a server in eclipse
May 05, 2024 pm 07:27 PM
To add a server to Eclipse, follow these steps: Create a server runtime environment Configure the server Create a server instance Select the server runtime environment Configure the server instance Start the server deployment project
Application of algorithms in the construction of 58 portrait platform
May 09, 2024 am 09:01 AM
1. Background of the Construction of 58 Portraits Platform First of all, I would like to share with you the background of the construction of the 58 Portrait Platform. 1. The traditional thinking of the traditional profiling platform is no longer enough. Building a user profiling platform relies on data warehouse modeling capabilities to integrate data from multiple business lines to build accurate user portraits; it also requires data mining to understand user behavior, interests and needs, and provide algorithms. side capabilities; finally, it also needs to have data platform capabilities to efficiently store, query and share user profile data and provide profile services. The main difference between a self-built business profiling platform and a middle-office profiling platform is that the self-built profiling platform serves a single business line and can be customized on demand; the mid-office platform serves multiple business lines, has complex modeling, and provides more general capabilities. 2.58 User portraits of the background of Zhongtai portrait construction
The evasive module protects your website from application layer DOS attacks
Apr 30, 2024 pm 05:34 PM
There are a variety of attack methods that can take a website offline, and the more complex methods involve technical knowledge of databases and programming. A simpler method is called a "DenialOfService" (DOS) attack. The name of this attack method comes from its intention: to cause normal service requests from ordinary customers or website visitors to be denied. Generally speaking, there are two forms of DOS attacks: the third and fourth layers of the OSI model, that is, the network layer attack. The seventh layer of the OSI model, that is, the application layer attack. The first type of DOS attack - the network layer, occurs when a large number of of junk traffic flows to the web server. When spam traffic exceeds the network's ability to handle it, the website goes down. The second type of DOS attack is at the application layer and uses combined
How to deploy and maintain a website using PHP
May 03, 2024 am 08:54 AM
To successfully deploy and maintain a PHP website, you need to perform the following steps: Select a web server (such as Apache or Nginx) Install PHP Create a database and connect PHP Upload code to the server Set up domain name and DNS Monitoring website maintenance steps include updating PHP and web servers, and backing up the website , monitor error logs and update content.
Equipped with AMD EPYC 4004 series processors, ASUS launches a variety of server and workstation products
Jul 23, 2024 pm 09:34 PM
According to news from this website on July 23, ASUS has launched a variety of server and workstation-level products powered by AMD EPYC 4004 series processors. Note from this site: AMD launched the AM5 platform and Zen4 architecture EPYC 4004 series processors in May, offering up to 16-core 3DV-Cache specifications. ASUSProER100AB6 server ASUSProER100AB6 is a 1U rack server product equipped with EPYC Xiaolong 4004 series processor, suitable for the needs of IDC and small and medium-sized enterprises. ASUSExpertCenterProET500AB6 workstation ASUSExpertCenterProET500AB6 is a
How to leverage Kubernetes Operator simplifiy PHP cloud deployment?
May 06, 2024 pm 04:51 PM
KubernetesOperator simplifies PHP cloud deployment by following these steps: Install PHPOperator to interact with the Kubernetes cluster. Deploy the PHP application, declare the image and port. Manage the application using commands such as getting, describing, and viewing logs.
How to implement PHP security best practices
May 05, 2024 am 10:51 AM
How to Implement PHP Security Best Practices PHP is one of the most popular backend web programming languages used for creating dynamic and interactive websites. However, PHP code can be vulnerable to various security vulnerabilities. Implementing security best practices is critical to protecting your web applications from these threats. Input validation Input validation is a critical first step in validating user input and preventing malicious input such as SQL injection. PHP provides a variety of input validation functions, such as filter_var() and preg_match(). Example: $username=filter_var($_POST['username'],FILTER_SANIT
