Directory针对目录进行
<Directory /data/wwwroot/www.123.com> //用于定义作用于那个目录
SetEnvIfNoCase Referer “http://www.123.com” local_ref //定义白名单
SetEnvIfNoCase Referer “http://123.com” local_ref //定义白名单
SetEnvIfNoCase Referer “^$” local_ref //定义空的页面的白名单
<filesmatch “.(txt|doc|mp3|zip|rar|jpg|gif|png)”> //定义规则
Order Allow,Deny //定义访问控制
Allow from env=local_ref
</filesmatch>
</Directory>
Directory针对目录进行
<Directory /data/wwwroot/www.111.com> //用于定义作用于哪个目录,配置防盗链,就是定义本站点
SetEnvIfNoCase Referer “http://www.111.com” local_ref //定义Referer白名单
SetEnvIfNoCase Referer “http://aaa.com” local_ref //定义白名单
SetEnvIfNoCase Referer “^$” local_ref //定义空的Referer页面为白名单
<filesmatch “.(txt|doc|mp3|zip|rar|jpg|gif|png)”> //定义规则,这里的filesmatch中f 和 m 可以大写可以小写
Order Allow,Deny //定义访问控制,order用来定义访问顺序
Allow from env=local_ref
</filesmatch>
</Directory>
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/abc.com"
ServerName abc.com
ServerAlias www.abc.com www.123.com
ErrorLog "logs/abc.com-error_log"
CustomLog "logs/abc.com-access_log" common
</VirtualHost>
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
ServerAlias www.example.com 2111.com.cn
# <Directory /data/wwwroot/111.com>
# <FilesMatch 123.php>
# AllowOverride AuthConfig
# AuthName "111.com user auth"
# AuthType Basic
# AuthUserFile /data/.htpasswd
# require valid-user
# </FilesMatch>
#</Directory>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} !^111.com$
RewriteRule ^/(.*)$ http://111.com/$1 [R=301,L]
</IfModule>
<IfModule mod_expires.c>
ExpiresActive on
ExpiresByType image/gif "access plus 1 days"
ExpiresByType image/jpeg "access plus 24 hours"
ExpiresByType image/png "access plus 24 hours"
ExpiresByType text/css "now plus 2 hour"
ExpiresByType application/x-javascript "now plus 2 hours"
ExpiresByType application/javascript "now plus 2 hours"
ExpiresByType application/x-shockwave-flash "now plus 2 hours"
ExpiresDefault "now plus 0 min"
</IfModule>
<Directory /data/wwwroot/www.111.com>
SetEnvIfNoCase Referer "http://www.111.com" local_ref
SetEnvIfNoCase Referer "http://111.com" local_ref
# SetEnvIfNoCase Referer "^$" local_ref
<filesmatch "\.(txt|doc|mp3|zip|rar|jpg|gif)">
Order Allow,Deny
Allow from env=local_ref
</filesmatch>
</Directory>
ErrorLog "logs/111.com-error_log"
SetEnvIf Request_URI ".*\.gif$" img
SetEnvIf Request_URI ".*\.jpg$" img
SetEnvIf Request_URI ".*\.png$" img
SetEnvIf Request_URI ".*\.bmp$" img
SetEnvIf Request_URI ".*\.swf$" img
SetEnvIf Request_URI ".*\.js$" img
SetEnvIf Request_URI ".*\.css$" img
CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/123.com-access_%Y%m%d.log 86400" combined env=!img
</VirtualHost>
[root@hf-01 ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/abc.com"
ServerName abc.com
ServerAlias www.abc.com www.123.com
ErrorLog "logs/abc.com-error_log"
CustomLog "logs/abc.com-access_log" common
</VirtualHost>
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
ServerAlias www.example.com 2111.com.cn
# <Directory /data/wwwroot/111.com>
# <FilesMatch 123.php>
# AllowOverride AuthConfig
# AuthName "111.com user auth"
# AuthType Basic
# AuthUserFile /data/.htpasswd
# require valid-user
# </FilesMatch>
#</Directory>
<Directory /data/wwwroot/111.com>
SetEnvIfNoCase Referer "http://www.111.com" local_ref
SetEnvIfNoCase Referer "http://aaa.com" local_ref
# SetEnvIfNoCase Referer "^$" local_ref
<filesmatch "\.(txt|doc|mp3|zip|rar|jpg|gif)">
Order Allow,Deny
Allow from env=local_ref
</filesmatch>
</Directory>
ErrorLog "logs/111.com-error_log"
SetEnvIf Request_URI ".*\.gif$" img
SetEnvIf Request_URI ".*\.jpg$" img
SetEnvIf Request_URI ".*\.png$" img
SetEnvIf Request_URI ".*\.bmp$" img
SetEnvIf Request_URI ".*\.swf$" img
SetEnvIf Request_URI ".*\.js$" img
SetEnvIf Request_URI ".*\.css$" img
CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/123.com-access_%Y%m%d.log 86400" combined env=!img
</VirtualHost>
[root@hf-01 ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@hf-01 ~]# /usr/local/apache2.4/bin/apachectl graceful
[root@hf-01 ~]#
SetEnvIfNoCase Referer "http://ask.apelearn.com" local_ref
[root@hf-01 ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@hf-01 ~]# /usr/local/apache2.4/bin/apachectl graceful
[root@hf-01 ~]#
[root@hf-01 ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
更改前,去除前面的注释符
# SetEnvIfNoCase Referer "^$" local_ref
更改后
SetEnvIfNoCase Referer "^$" local_ref
[root@hf-01 ~]# curl -x127.0.0.1:80 111.com/QQ111.jpg -I
HTTP/1.1 200 OK
Date: Mon, 25 Dec 2017 16:50:56 GMT
Server: Apache/2.4.29 (Unix) PHP/7.1.6
Last-Modified: Mon, 04 Dec 2017 03:56:48 GMT
ETag: "da7f-55f7bb520e000"
Accept-Ranges: bytes
Content-Length: 55935
Content-Type: image/jpeg
[root@hf-01 ~]#
[root@hf-01 ~]# curl -e "http://www.qq.com/123.txt" -x127.0.0.1:80 111.com/QQ111.jpg -I
HTTP/1.1 403 Forbidden
Date: Mon, 25 Dec 2017 16:53:01 GMT
Server: Apache/2.4.29 (Unix) PHP/7.1.6
Content-Type: text/html; charset=iso-8859-1
[root@hf-01 ~]# curl -e "http://www.111.com/123.txt" -x127.0.0.1:80 111.com/QQ111.jpg -I
HTTP/1.1 200 OK
Date: Mon, 25 Dec 2017 16:53:45 GMT
Server: Apache/2.4.29 (Unix) PHP/7.1.6
Last-Modified: Mon, 04 Dec 2017 03:56:48 GMT
ETag: "da7f-55f7bb520e000"
Accept-Ranges: bytes
Content-Length: 55935
Content-Type: image/jpeg
[root@hf-01 ~]#