导航：首页 > 服务器 >

手工编译apache服务,实现防盗链功能

发表于：2024-09-30 作者：千家信息网编辑

千家信息网最后更新 2024年09月30日，Apache防盗链Apache安装包链接：https://pan.baidu.com/s/11X5CEWoVemxlGuNQqn9cuA提取码：jn6l1、安装配置Apache服务1.1、通过共享，将

千家信息网最后更新 2024年09月30日手工编译apache服务,实现防盗链功能

Apache防盗链

Apache安装包

链接：https://pan.baidu.com/s/11X5CEWoVemxlGuNQqn9cuA
提取码：jn6l

1、安装配置Apache服务

1.1、通过共享，将Apache安装包挂载到虚拟机上

[root@localhost ~]# smbclient -L //192.168.10.64Enter SAMBA\root's password:     Sharename       Type      Comment    ---------       ----      -------    IPC$            IPC       远程 IPC    share           Disk          Users           Disk      Reconnecting with SMB1 for workgroup listing.Connection to 192.168.10.64 failed (Error NT_STATUS_RESOURCE_NAME_NOT_FOUND)Failed to connect with SMB1 -- no workgroup available[root@localhost ~]# mount.cifs //192.168.10.64/share /mntPassword for root@//192.168.10.64/share:  [root@localhost ~]#

1.2 安装dns服务软件包

[root@localhost ~]# yum install bind -y已加载插件：fastestmirror, langpacksLoading mirror speeds from cached hostfile * base: centos.ustc.edu.cn * extras: mirrors.163.com * updates: centos.ustc.edu.cn正在解决依赖关系--> 正在检查事务---> 软件包 bind.x86_64.32.9.11.4-9.P2.el7 将被 安装--> 正在处理依赖关系 bind-libs-lite(x86-64) = 32:9.11.4-9.P2.el7，它被软件包 32:bind-9.11.4-9.P2.el7.x86_64 需要--> 正在处理依赖关系 bind-libs(x86-64) = 32:9.11.4-9.P2.el7，它被软件包 32:bind-9.11.4-9.P2.el7.x86_64 需要--> 正在处理依赖关系 liblwres.so.160()(64bit)，它被软件包 32:bind-9.11.4-9.P2.el7.x86_64 需要--> 正在处理依赖关系 libisccfg.so.160()(64bit)，它被软件包 32:bind-9.11.4-9.P2.el7.x86_64 需要

1.2 修改dns主配置文件

[root@localhost ~]# vim /etc/named.confoptions {        listen-on port 53 { any; };       //改成any        listen-on-v6 port 53 { ::1; };        directory       "/var/named";        dump-file       "/var/named/data/cache_dump.db";        statistics-file "/var/named/data/named_stats.txt";        memstatistics-file "/var/named/data/named_mem_stats.txt";        recursing-file  "/var/named/data/named.recursing";        secroots-file   "/var/named/data/named.secroots";        allow-query     { any; };         //改成any

1.2修改dns区域配置文件

[root@localhost ~]# vim /etc/named.rfc1912.zones#添加下面内容zone "kgc.com" IN {        type master;        file "kgc.com.zone";        allow-update { none; };};

1.2复制dns区域数据配置文件模板,并修改dns区域数据配置文件

[root@localhost ~]# cp -p /var/named/named.localhost /var/named/kgc.com.zone[root@localhost ~]# vim /var/named/kgc.com.zone$TTL 1D@       IN SOA  @ rname.invalid. (                                        0       ; serial                                        1D      ; refresh                                        1H      ; retry                                        1W      ; expire                                        3H )    ; minimum        NS      @        A       127.0.0.1www  IN A       192.168.102.166

1.2开启dns服务关闭防火墙

[root@localhost ~]# systemctl start named[root@localhost ~]# systemctl stop firewalld.service[root@localhost ~]# setenforce 0[root@localhost ~]#

2、手工编译安装apache服务

2.1解压apache安装软件包

[root@localhost ~]# tar zvxf /mnt/LAMP-C7/apr-1.6.2.tar.gz -C /opt[root@localhost ~]# tar zvxf /mnt/LAMP-C7/apr-util-1.6.0.tar.gz -C /opt[root@localhost ~]# tar jxvf /mnt/LAMP-C7/httpd-2.4.29.tar.bz2 -C /opt

2.2 移动跨平台组件位置

[root@localhost ~]# mv /opt/apr-1.6.2 /opt/httpd-2.4.29/srclib/apr[root@localhost ~]# mv /opt/apr-util-1.6.0 /opt/httpd-2.4.29/srclib/apr-util[root@localhost ~]#

2.3 安装环境必要软件包

[root@localhost ~]# yum -y install \> gcc \> gcc-c++ \> make \> pcre-devel \> zlib-devel \> expat-devel \> pcre \> perl

2.4 进行configure配置

[root@localhost ~]# cd /opt/httpd-2.4.29/[root@localhost httpd-2.4.29]# ./configure \> --prefix=/usr/local/httpd \> --enable-so \> --enable-deflate \> --enable-expires \> --enable-rewrite \> --enable-charset-lite \> --enable-cgi

2.5 编译及编译安装

[root@localhost httpd-2.4.29]# make && make install

3、配置防盗链服务

3.1修改监听地址和域名

[root@localhost ~]# vim /usr/local/httpd/conf/httpd.conf

#Change this to Listen on specific IP addresses as shown below to #prevent Apache from glomming onto all bound IP addresses.#Listen 12.34.56.78:80#Listen 80Listen 192.168.102.166:80

#ServerName gives the name and port that the server uses to identify itself.#This can often be determined automatically, but we recommend you specify#it explicitly to prevent problems during startup.#If your host doesn't have a registered DNS name, enter its IP address here.ServerName www.kgc.com:80#Deny access to the entirety of your server's filesystem. You must#explicitly permit access to web

3.2 开启防盗链功能

[root@localhost ~]# vim /usr/local/httpd/conf/httpd.confLoadModule alias_module modules/mod_alias.soLoadModule rewrite_module modules/mod_rewrite.so

244     AllowOverride None245 246     #247     # Controls who can get stuff from this server.248     #249     Require all granted250 RewriteEngine On251 RewriteCond %{HTTP_REFERER} !^http://kgc.com/.*$ [NC]252 RewriteCond %{HTTP_REFERER} !^http://kgc.com$ [NC]253 RewriteCond %{HTTP_REFERER} !^http://www.kgc.com/.*$ [NC]254 RewriteCond %{HTTP_REFERER} !^http://www.kgc.com$ [NC]255 RewriteRule .*.(gif|jpg|swf)$ http://www.kgc.com/error.png256 257 258 #259 # DirectoryIndex: sets the file that Apache will serve if a directory

3.3 修改apache首页内容

[root@localhost ~]# vim /usr/local/httpd/htdocs/index.html   this is test web

3.3 复制挂载文件夹内的图片

[root@localhost htdocs]# cp /mnt/LAMP-C7/game.jpg /usr/local/httpd/htdocs/[root@localhost htdocs]# cp /mnt/LAMP-C7/error.png /usr/local/httpd/htdocs/[root@localhost htdocs]# lserror.png  game.jpg  index.html[root@localhost htdocs]#

3.4重启apache服务

[root@localhost ~]# /usr/local/httpd/bin/apachectl stophttpd (no pid file) not running[root@localhost ~]# /usr/local/httpd/bin/apachectl start[root@localhost ~]#

4、创建盗链网站

4.1再开一台虚拟机,安装apache服务

[root@localhost ~]# yum install httpd -y

4.2修改配置文件中监听地址

[root@localhost ~]# vim /etc/httpd/conf/httpd.conf33 # 34 # Listen: Allows you to bind Apache to specific IP addresses and/or 35 # ports, instead of the default. See also the  36 # directive. 37 # 38 # Change this to Listen on specific IP addresses as shown below to  39 # prevent Apache from glomming onto all bound IP addresses. 40 # 41 Listen 192.168.102.167:80 42 #Listen 80 43  44 # 45 # Dynamic Shared Object (DSO) Support 46 #

 86 ServerAdmin root@localhost 87  88 # 89 # ServerName gives the name and port that the server uses to identify itself. 90 # This can often be determined automatically, but we recommend you specify 91 # it explicitly to prevent problems during startup. 92 # 93 # If your host doesn't have a registered DNS name, enter its IP address here. 94 # 95 ServerName www.kgc.com:80 96  97 # 98 # Deny access to the entirety of your server's filesystem. You must 99 # explicitly permit access to web content directories in other 100 #  blocks below.101 #

4.3 修改apache网站主页

[root@localhost ~]# cd /var/www/html[root@localhost html]# ls[root@localhost html]# vim index.html   this is test web
   ~                                                                                      ~

4.4 添加域名解析服务器地址

[root@localhost ~]# echo "nameserver 192.168.102.166" > /etc/resolv.conf[root@localhost ~]#

4.5 重启apache服务

[root@localhost ~]# systemctl restart httpd[root@localhost ~]#

4.6

5、验证

5.1 先访问原网站 www.kgc.com

5.2 访问盗链网站

防盗链成功

很赞哦！

服务软件软件包配置文件正在防盗网站处理编译区域地址内容域名数据监听功能手工必要成功数据库的安全要保护哪些东西数据库安全各自的含义是什么生产安全数据库录入数据库的安全性及管理数据库安全策略包含哪些海淀数据库安全审计系统建立农村房屋安全信息数据库易用的数据库客户端支持安全管理连接数据库失败ssl安全错误数据库的锁怎样保障安全网络技术专业报云赛道数字中国建设网络技术有限公司 rfid的数据库任务二手服务器租赁惠州电商软件开发联系人普陀区软件开发厂家报价多个数据库都执行同一条语句医院软件开发怎么样网络安全运维服务总结山西云缇服务器网络安全实用技术考试答案波阳软件开发有限公司在线咨询吉林数据网络技术分类技术虚拟服务器账号注册信息网络安全法律法规总结电脑偶尔连不上服务器是怎么回事网吧落实网络安全的重要性数据库表无法删除行 gt赛车7 服务器故障 iphone浏览器打不开说找不到服务器 ppp服务器中断了您的链接贵金属现货投资软件开发网络安全案例实践贵州理工学院网络安全 ios 上传视频到服务器网络技术部门设想应用服务器和容器信息网络安全法律法规总结宁波计算机网络技术管理系统番禺区网络安全和信息化

千家信息网