溫馨提示×

您好,登錄后才能下訂單哦!

密碼登錄×
登錄注冊(cè)×
其他方式登錄
點(diǎn)擊 登錄注冊(cè) 即表示同意《億速云用戶服務(wù)條款》

手工編譯apache服務(wù),實(shí)現(xiàn)防盜鏈功能

發(fā)布時(shí)間:2020-07-26 02:33:36 來(lái)源:網(wǎng)絡(luò) 閱讀:6786 作者:wx5d3a7feeb53cc 欄目:云計(jì)算

Apache防盜鏈

Apache安裝包

鏈接:https://pan.baidu.com/s/11X5CEWoVemxlGuNQqn9cuA
提取碼:jn6l

1、安裝配置Apache服務(wù)

1.1、通過(guò)共享,將Apache安裝包掛載到虛擬機(jī)上
[root@localhost ~]# smbclient -L //192.168.10.64
Enter SAMBA\root's password: 

    Sharename       Type      Comment
    ---------       ----      -------
    IPC$            IPC       遠(yuǎn)程 IPC
    share           Disk      
    Users           Disk      
Reconnecting with SMB1 for workgroup listing.
Connection to 192.168.10.64 failed (Error NT_STATUS_RESOURCE_NAME_NOT_FOUND)
Failed to connect with SMB1 -- no workgroup available
[root@localhost ~]# mount.cifs //192.168.10.64/share /mnt
Password for root@//192.168.10.64/share:  
[root@localhost ~]#
1.2 安裝dns服務(wù)軟件包
[root@localhost ~]# yum install bind -y
已加載插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
 * base: centos.ustc.edu.cn
 * extras: mirrors.163.com
 * updates: centos.ustc.edu.cn
正在解決依賴(lài)關(guān)系
--> 正在檢查事務(wù)
---> 軟件包 bind.x86_64.32.9.11.4-9.P2.el7 將被 安裝
--> 正在處理依賴(lài)關(guān)系 bind-libs-lite(x86-64) = 32:9.11.4-9.P2.el7,它被軟件包 32:bind-9.11.4-9.P2.el7.x86_64 需要
--> 正在處理依賴(lài)關(guān)系 bind-libs(x86-64) = 32:9.11.4-9.P2.el7,它被軟件包 32:bind-9.11.4-9.P2.el7.x86_64 需要
--> 正在處理依賴(lài)關(guān)系 liblwres.so.160()(64bit),它被軟件包 32:bind-9.11.4-9.P2.el7.x86_64 需要
--> 正在處理依賴(lài)關(guān)系 libisccfg.so.160()(64bit),它被軟件包 32:bind-9.11.4-9.P2.el7.x86_64 需要
1.2 修改dns主配置文件
[root@localhost ~]# vim /etc/named.conf

options {
        listen-on port 53 { any; };       //改成any
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        recursing-file  "/var/named/data/named.recursing";
        secroots-file   "/var/named/data/named.secroots";
        allow-query     { any; };         //改成any
1.2修改dns區(qū)域配置文件
[root@localhost ~]# vim /etc/named.rfc1912.zones

#添加下面內(nèi)容
zone "kgc.com" IN {
        type master;
        file "kgc.com.zone";
        allow-update { none; };
};
1.2復(fù)制dns區(qū)域數(shù)據(jù)配置文件模板,并修改dns區(qū)域數(shù)據(jù)配置文件
[root@localhost ~]# cp -p /var/named/named.localhost /var/named/kgc.com.zone
[root@localhost ~]# vim /var/named/kgc.com.zone

$TTL 1D
@       IN SOA  @ rname.invalid. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      @
        A       127.0.0.1
www  IN A       192.168.102.166
1.2開(kāi)啟dns服務(wù)關(guān)閉防火墻
[root@localhost ~]# systemctl start named
[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# setenforce 0
[root@localhost ~]#

2、手工編譯安裝apache服務(wù)

2.1解壓apache安裝軟件包
[root@localhost ~]# tar zvxf /mnt/LAMP-C7/apr-1.6.2.tar.gz -C /opt
[root@localhost ~]# tar zvxf /mnt/LAMP-C7/apr-util-1.6.0.tar.gz -C /opt
[root@localhost ~]# tar jxvf /mnt/LAMP-C7/httpd-2.4.29.tar.bz2 -C /opt
2.2 移動(dòng)跨平臺(tái)組件位置
[root@localhost ~]# mv /opt/apr-1.6.2 /opt/httpd-2.4.29/srclib/apr
[root@localhost ~]# mv /opt/apr-util-1.6.0 /opt/httpd-2.4.29/srclib/apr-util
[root@localhost ~]#
2.3 安裝環(huán)境必要軟件包
[root@localhost ~]# yum -y install \
> gcc \
> gcc-c++ \
> make \
> pcre-devel \
> zlib-devel \
> expat-devel \
> pcre \
> perl
2.4 進(jìn)行configure配置
[root@localhost ~]# cd /opt/httpd-2.4.29/
[root@localhost httpd-2.4.29]# ./configure \
> --prefix=/usr/local/httpd \
> --enable-so \
> --enable-deflate \
> --enable-expires \
> --enable-rewrite \
> --enable-charset-lite \
> --enable-cgi
2.5 編譯及編譯安裝
[root@localhost httpd-2.4.29]# make && make install

3、配置防盜鏈服務(wù)

3.1修改監(jiān)聽(tīng)地址和域名

[root@localhost ~]# vim /usr/local/httpd/conf/httpd.conf

#Change this to Listen on specific IP addresses as shown below to 
#prevent Apache from glomming onto all bound IP addresses.
#Listen 12.34.56.78:80
#Listen 80
Listen 192.168.102.166:80
#ServerName gives the name and port that the server uses to identify itself.
#This can often be determined automatically, but we recommend you specify
#it explicitly to prevent problems during startup.

#If your host doesn't have a registered DNS name, enter its IP address here.

ServerName www.kgc.com:80

#Deny access to the entirety of your server's filesystem. You must
#explicitly permit access to web
3.2 開(kāi)啟防盜鏈功能
[root@localhost ~]# vim /usr/local/httpd/conf/httpd.conf

LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so

<IfModule unixd_module>
244     AllowOverride None
245 
246     #
247     # Controls who can get stuff from this server.
248     #
249     Require all granted
250 RewriteEngine On
251 RewriteCond %{HTTP_REFERER} !^http://kgc.com/.*$ [NC]
252 RewriteCond %{HTTP_REFERER} !^http://kgc.com$ [NC]
253 RewriteCond %{HTTP_REFERER} !^http://www.kgc.com/.*$ [NC]
254 RewriteCond %{HTTP_REFERER} !^http://www.kgc.com$ [NC]
255 RewriteRule .*.(gif|jpg|swf)$ http://www.kgc.com/error.png
256 </Directory>
257 
258 #
259 # DirectoryIndex: sets the file that Apache will serve if a directory
3.3 修改apache首頁(yè)內(nèi)容
[root@localhost ~]# vim /usr/local/httpd/htdocs/index.html

<html>
 <body>
  <h2>this is test web</h2>
  <img src="game.jpg"/>
 </body>
</html>
3.3 復(fù)制掛載文件夾內(nèi)的圖片
[root@localhost htdocs]# cp /mnt/LAMP-C7/game.jpg /usr/local/httpd/htdocs/
[root@localhost htdocs]# cp /mnt/LAMP-C7/error.png /usr/local/httpd/htdocs/
[root@localhost htdocs]# ls
error.png  game.jpg  index.html
[root@localhost htdocs]#
3.4重啟apache服務(wù)
[root@localhost ~]# /usr/local/httpd/bin/apachectl stop
httpd (no pid file) not running
[root@localhost ~]# /usr/local/httpd/bin/apachectl start
[root@localhost ~]#

4、創(chuàng)建盜鏈網(wǎng)站

4.1再開(kāi)一臺(tái)虛擬機(jī),安裝apache服務(wù)

[root@localhost ~]# yum install httpd -y

4.2修改配置文件中監(jiān)聽(tīng)地址
[root@localhost ~]# vim /etc/httpd/conf/httpd.conf

33 #
 34 # Listen: Allows you to bind Apache to specific IP addresses and/or
 35 # ports, instead of the default. See also the <VirtualHost>
 36 # directive.
 37 #
 38 # Change this to Listen on specific IP addresses as shown below to 
 39 # prevent Apache from glomming onto all bound IP addresses.
 40 #
 41 Listen 192.168.102.167:80
 42 #Listen 80
 43 
 44 #
 45 # Dynamic Shared Object (DSO) Support
 46 #
 86 ServerAdmin root@localhost
 87 
 88 #
 89 # ServerName gives the name and port that the server uses to identify itself.
 90 # This can often be determined automatically, but we recommend you specify
 91 # it explicitly to prevent problems during startup.
 92 #
 93 # If your host doesn't have a registered DNS name, enter its IP address here.
 94 #
 95 ServerName www.kgc.com:80
 96 
 97 #
 98 # Deny access to the entirety of your server's filesystem. You must
 99 # explicitly permit access to web content directories in other 
100 # <Directory> blocks below.
101 #
4.3 修改apache網(wǎng)站主頁(yè)
[root@localhost ~]# cd /var/www/html
[root@localhost html]# ls
[root@localhost html]# vim index.html

<html>
 <body>
  <h2>this is test web</h2>
  <img src="http://www.kgc.com/game.jpg"/>
 </body>
</html>
~                                                                                      
~
4.4 添加域名解析服務(wù)器地址
[root@localhost ~]# echo "nameserver 192.168.102.166" > /etc/resolv.conf
[root@localhost ~]#
4.5 重啟apache服務(wù)
[root@localhost ~]# systemctl restart httpd
[root@localhost ~]#
4.6

5、驗(yàn)證

5.1 先訪問(wèn)原網(wǎng)站 www.kgc.com

手工編譯apache服務(wù),實(shí)現(xiàn)防盜鏈功能

5.2 訪問(wèn)盜鏈網(wǎng)站

手工編譯apache服務(wù),實(shí)現(xiàn)防盜鏈功能

防盜鏈成功

向AI問(wèn)一下細(xì)節(jié)

免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點(diǎn)不代表本網(wǎng)站立場(chǎng),如果涉及侵權(quán)請(qǐng)聯(lián)系站長(zhǎng)郵箱:is@yisu.com進(jìn)行舉報(bào),并提供相關(guān)證據(jù),一經(jīng)查實(shí),將立刻刪除涉嫌侵權(quán)內(nèi)容。

AI