LAMP之Apache

[root@localhost1 software]# rpm -qa httpd*
[root@localhost1 software]# 

2、如果没有自带 Apache 服务软件，可以不需要进行下面的卸载
[root@Centos ~]# rpm -e --nodeps httpd-2.2.15-54.el6.centos.x86_64
warning: /etc/httpd/conf/httpd.conf saved as /etc/httpd/conf/httpd.conf.rpmsave
[root@Centos ~]# rpm -e --nodeps httpd-tools-2.2.15-54.el6.centos.x86_64

[root@localhost1 ~]# cd /home/cairui/
[root@localhost1 cairui]# ls
[root@localhost1 cairui]# mkdir software
[root@localhost1 cairui]# cd software/
[root@localhost1 software]# wget http://mirrors.hust.edu.cn/apache//httpd/httpd-2.2.34.tar.gz
--2018-02-26 16:16:06--  http://mirrors.hust.edu.cn/apache//httpd/httpd-2.2.34.tar.gz
Resolving mirrors.hust.edu.cn... 202.114.18.160
Connecting to mirrors.hust.edu.cn|202.114.18.160|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 7684419 (7.3M) [application/octet-stream]
Saving to: “httpd-2.2.34.tar.gz”

100%[====================================>] 7,684,419    212K/s   in 45s     

2018-02-26 16:16:52 (167 KB/s) - “httpd-2.2.34.tar.gz” saved [7684419/7684419]

[root@localhost1 software]# ls
httpd-2.2.34.tar.gz
[root@localhost1 httpd-2.2.34]# tar zxvf httpd-2.2.34.tar.gz 
[root@localhost1 software]# cd httpd-2.2.34
[root@localhost1 httpd-2.2.34]# ll
total 1176
-rw-r--r--  1 1001 1001  14882 Nov 21  2004 ABOUT_APACHE
-rw-r--r--  1 1001 1001  18613 Jul  6  2012 acinclude.m4
-rw-r--r--  1 1001 1001  56952 Oct  5  2010 Apache.dsw
drwxr-xr-x  6 1001 1001   4096 Jul  6  2017 build
-rw-r--r--  1 1001 1001   2644 Aug 24  2007 BuildAll.dsp
-rw-r--r--  1 1001 1001   2692 Jul 29  2009 BuildBin.dsp
-rwxr-xr-x  1 1001 1001   5786 Sep 19  2012 buildconf
-rw-r--r--  1 1001 1001 147887 Jun 28  2017 CHANGES
-rw-r--r--  1 1001 1001  11701 Feb 27  2012 config.layout
-rwxr-xr-x  1 1001 1001 574593 Jul  6  2017 configure
-rw-r--r--  1 1001 1001  24720 May 25  2015 configure.in
drwxr-xr-x  9 1001 1001   4096 Jul  6  2017 docs
-rw-r--r--  1 1001 1001    403 Nov 21  2004 emacs-style
-rw-r--r--  1 1001 1001   1248 May  7  2011 httpd.dep
-rw-r--r--  1 1001 1001   4124 Jun 11  2008 httpd.dsp
-rw-r--r--  1 1001 1001   8994 May  6  2011 httpd.mak
-rw-r--r--  1 1001 1001  12053 Jul  6  2017 httpd.spec
drwxr-xr-x  2 1001 1001   4096 Jul  6  2017 include
-rw-r--r--  1 1001 1001   5129 Jan  9  2017 INSTALL
-rw-r--r--  1 1001 1001   2909 Dec  7  2006 InstallBin.dsp
-rw-r--r--  1 1001 1001   5145 Nov 29  2005 LAYOUT
-rw-r--r--  1 1001 1001  30119 May  7  2011 libhttpd.dep
-rw-r--r--  1 1001 1001  17039 Jan 12  2007 libhttpd.dsp
-rw-r--r--  1 1001 1001  28503 May  6  2011 libhttpd.mak
-rw-r--r--  1 1001 1001  28690 Jan 18  2008 LICENSE
-rw-r--r--  1 1001 1001   8739 Nov 25  2008 Makefile.in
-rw-r--r--  1 1001 1001  34759 Jan 19  2014 Makefile.win
drwxr-xr-x 20 1001 1001   4096 Jul  6  2017 modules
-rw-r--r--  1 1001 1001    828 Jan  2  2017 NOTICE
-rw-r--r--  1 1001 1001  12894 Mar 15  2012 NWGNUmakefile
drwxr-xr-x  9 1001 1001   4096 Jul  6  2017 os
-rw-r--r--  1 1001 1001   5954 Jan 10  2007 README
-rw-r--r--  1 1001 1001   4178 Aug 27  2014 README.platforms
-rw-r--r--  1 1001 1001   2553 Dec 20  2010 README-win32.txt
-rw-r--r--  1 1001 1001  10183 Mar 14  2005 ROADMAP
drwxr-xr-x  3 1001 1001   4096 Jul  6  2017 server
drwxr-xr-x  5 1001 1001   4096 Jul  6  2017 srclib
drwxr-xr-x  4 1001 1001   4096 Jul  6  2017 support
drwxr-xr-x  2 1001 1001   4096 Jul  6  2017 test
-rw-r--r--  1 1001 1001   8183 Oct 17  2005 VERSIONING

[root@localhost1 httpd-2.2.34]# cat README

                          Apache HTTP Server

  What is it?
  -----------

  The Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant
  web server.  Originally designed as a replacement for the NCSA HTTP
  Server, it has grown to be the most popular web server on the
  Internet.  As a project of the Apache Software Foundation, the
  developers aim to collaboratively develop and maintain a robust,
  commercial-grade, standards-based server with freely available
  source code.

  The Latest Version
  ------------------

  Details of the latest version can be found on the Apache HTTP
  server project page under <http://httpd.apache.org/>.

  Documentation
  -------------

  The documentation available as of the date of this release is
  included in HTML format in the docs/manual/ directory.  The most
  up-to-date documentation for the 2.2.x releases can be found at
  <http://httpd.apache.org/docs/2.2/>.

  Installation
  ------------

  Please see the file called INSTALL.  Platform specific notes can be
  found in README.platforms.

  Licensing
  ---------

  Please see the file called LICENSE.

  Cryptographic Software Notice　　#加密软件的通知
  -----------------------------

  This distribution may include software that has been designed for use
  with cryptographic software.  The country in which you currently reside
  may have restrictions on the import, possession, use, and/or re-export
  to another country, of encryption software.  BEFORE using any encryption
  software, please check your country's laws, regulations and policies
  concerning the import, possession, or use, and re-export of encryption
  software, to see if this is permitted.  See <http://www.wassenaar.org/>
  for more information.

  The U.S. Government Department of Commerce, Bureau of Industry and
  Security (BIS), has classified this software as Export Commodity 
  Control Number (ECCN) 5D002.C.1, which includes information security
  software using or performing cryptographic functions with asymmetric
  algorithms.  The form and manner of this Apache Software Foundation
  distribution makes it eligible for export under the License Exception
  ENC Technology Software Unrestricted (TSU) exception (see the BIS 
  Export Administration Regulations, Section 740.13) for both object 
  code and source code.

  The following provides more details on the included files that
  may be subject to export controls on cryptographic software:

    Apache httpd 2.0 and later versions include the mod_ssl module under
       modules/ssl/
    for configuring and listening to connections over SSL encrypted
    network sockets by performing calls to a general-purpose encryption
    library, such as OpenSSL or the operating system's platform-specific
    SSL facilities.

    In addition, some versions of apr-util provide an abstract interface
    for SSL encrypted network sockets in the files under the directory
       srclib/apr-util/ssl/
    that makes use of a general-purpose encryption library, such as
    OpenSSL or the operating system's platform-specific SSL facilities.
    Apache httpd currently does not use that apr-util interface.

    Some object code distributions of Apache httpd, indicated with the
    word "crypto" in the package name, may include object code for the
    OpenSSL encryption library as distributed in open source form from
    <http://www.openssl.org/source/>.

  The above files are optional and may be removed if the cryptographic
  functionality is not desired or needs to be excluded from redistribution.
  Distribution packages of Apache httpd that include the word "nossl"
  in the package name have been created without the above files and are
  therefore not subject to this notice.

  Contacts
  --------

     o If you want to be informed about new code releases, bug fixes,
       security fixes, general news and information about the Apache server
       subscribe to the apache-announce mailing list as described under
       <http://httpd.apache.org/lists.html#http-announce>

     o If you want freely available support for running Apache please join the
       Apache user community by subscribing to Users Mailing List at
       <http://httpd.apache.org/userslist.html> or one of the following
       USENET newsgroups:
         comp.infosystems.www.servers.unix
         comp.infosystems.www.servers.ms-windows
       Also available at: 
         <http://groups.google.com/groups?group=comp.infosystems.www.servers>

     o If you want commercial support for running Apache please contact
       one of the companies and contractors which are listed at
       <http://www.apache.org/info/support.cgi>

     o If you have a concrete bug report for Apache please go to the
       Apache Group Bug Database and submit your report:
       <http://httpd.apache.org/bug_report.html>

     o If you want to participate in actively developing Apache please
       subscribe to the `dev@httpd.apache.org' mailing list as described at
       <http://httpd.apache.org/lists.html#http-dev>

  Acknowledgments
  ----------------

  We wish to acknowledge the following copyrighted works that
  make up portions of the Apache software:

  Portions of this software were developed at the National Center
  for Supercomputing Applications (NCSA) at the University of
  Illinois at Urbana-Champaign.

  This software contains code derived from the RSA Data Security
  Inc. MD5 Message-Digest Algorithm, including various
  modifications by Spyglass Inc., Carnegie Mellon University, and
  Bell Communications Research, Inc (Bellcore).

  Regular expression support is provided by the PCRE library package, which
  is open source software, written by Philip Hazel, and copyright by the
  University of Cambridge, England.  The original software is available from
     ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/

  Apache 2 relies heavily on the use of autoconf and libtool to provide
  a build environment.

[root@localhost1 httpd-2.2.34]# cat INSTALL 

  APACHE INSTALLATION OVERVIEW

  CAUTION
  -------

  This package represents a legacy version of the Apache HTTP Server software
  and is not current.

  Please note that Apache Web Server Project will only provide maintenance
  releases of the 2.2.x flavor through June of 2017, and will provide some
  security patches beyond this date through at least December of 2017.
  Minimal maintenance patches of 2.2.x are expected throughout this period,
  and users are strongly discouraged from deploying this legacy release.　　　　#不建议安装较低版本，因为不会再维护

  Also note, this package includes very stale and known-vulnerable versions
  of the Expat [http://expat.sourceforge.net/] and PCRE [http://www.pcre.org/]
  packages. Users are strongly encouraged to first install the most recent
  versions of these components.　　　　　　　　　　　　　　　　　　　　　　　　　　　　#强烈建议安装最新版本


  Quick Start - Unix
  ------------------

  For complete installation documentation, see [ht]docs/manual/install.html or
  http://httpd.apache.org/docs/2.2/install.html

     $ ./configure --prefix=PREFIX
     $ make
     $ make install
     $ PREFIX/bin/apachectl start

     NOTES: * Replace PREFIX with the filesystem path under which 
              Apache should be installed.  A typical installation
              might use "/usr/local/apache2" for PREFIX (without the
              quotes).

            * If you are a developer who will be linking your code with
              Apache or using a debugger to step through server code,
              ./configure's --with-included-apr option may be advantageous,
              as it removes the possibility of version or compile-option
              mismatches with APR and APR-util code.  (Many OSes now
              include their own version of APR and APR-util.)

            * If you are a developer building Apache directly from
              Subversion, you will need to run ./buildconf before running
              configure. This script bootstraps the build environment and
              requires Python as well as GNU autoconf and libtool. If you
              build Apache from a release tarball, you don't have to run
              buildconf.

            * If you want to build a threaded MPM (for instance worker)
              on  FreeBSD, be aware that threads do not work well with
              Apache on FreeBSD versions before 5.4-RELEASE. If you wish
              to try a threaded Apache on an earlier version of FreeBSD,
              use the --enable-threads parameter to ./configure in
              addition to the --with-mpm parameter.

            * If you are building directly from Subversion on Mac OS X
              (Darwin), make sure to use GNU Libtool 1.4.2 or newer. All
              recent versions of the developer tools on this platform
              include a sufficiently recent version of GNU Libtool (named
              glibtool, but buildconf knows where to find it).

  For a short impression of what possibilities you have, here is a
  typical example which configures Apache for the installation tree
  /sw/pkg/apache with a particular compiler and flags plus the two
  additional modules mod_rewrite and mod_speling for later loading
  through the DSO mechanism:

     $ CC="pgcc" CFLAGS="-O2" \
     ./configure --prefix=/sw/pkg/apache \
     --enable-rewrite=shared \
     --enable-speling=shared 

  The easiest way to find all of the configuration flags for Apache 2.2
  is to run ./configure --help.


  Quick Start - Windows
  ---------------------

  For complete documentation, see manual/platform/windows.html.en or
  http://httpd.apache.org/docs/2.2/platform/windows.html.

  The Apache/Win32 binaries are distributed as Windows Installer packages 
  (.msi) named httpd-2.2.xx-win32-x86-no_ssl.msi for a version without mod_ssl
  and httpd-2.2.xx-win32-x86-openssl-0.9.8x.msi for a version including the
  mod_ssl plus the openssl library and command line utility.  These packages
  may be unpacked without "installing" them by using the msiexec /a option.

  If you have unpacked a source distribution (named httpd-2.2.x-win32-src.zip, 
  without any -x86 notation) you must compile the package yourself, see the links
  mentioned above.  Unless you intended to do this, please look again for the 
  binary package from http://www.apache.org/dist/httpd/binaries/win32/ and
  install the desired .msi package.

  The .msi package configures the httpd.conf file, and installs and starts 
  the Apache2.2 service for you.  It also installs plenty of useful shortcuts
  and the taskbar ApacheMonitor.  We strongly encourage you to use it.


  Postscript
  ----------

  The Apache HTTP Server group cannot field user's installation questions.
  There are many valuable forums to help you get started.  Please refer your
  questions to the appropriate forum, such as the Users Mailing List at
  http://httpd.apache.org/userslist.html or the usenet newsgroups
  comp.infosystems.www.servers.unix or
  comp.infosystems.www.servers.ms-windows.

  Thanks for using the Apache HTTP Server, version 2.2.

                                     The Apache Software Foundation
                                     http://www.apache.org/

[root@localhost1 httpd-2.2.34]# ./configure --help
`configure' configures this package to adapt to many kinds of systems.

Usage: ./configure [OPTION]... [VAR=VALUE]...

To assign environment variables (e.g., CC, CFLAGS...), specify them as
VAR=VALUE.  See below for descriptions of some of the useful variables.　　#指定环境变量(例如，CC, CFLAGS…)，指定它们为。VAR =价值。以下是一些有用的变量的描述。

[root@localhost1 httpd-2.2.34]# yum install gcc* zlib* -y

[root@localhost1 opt]# ./configure --prefix=/opt/apache2.2.34 --enable-deflate --enable-expires --enable-headers --enable-modules=most --enable-so --with-mpm=worker --enable-rewrite

[root@localhost1 opt]# make & make install

[root@localhost1 opt]# cd /opt/
[root@localhost1 opt]# ls
apache2.2.34
[root@localhost1 opt]# ln -s apache2.2.34/ apache/
ln: target `apache/' is not a directory: No such file or directory
[root@localhost1 opt]# ln -s apache2.2.34/ apache
[root@localhost1 opt]# ls
apache  apache2.2.34

[root@localhost1 opt]# /opt/apache/bin/apachectl start
httpd: apr_sockaddr_info_get() failed for localhost1
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
服务启动成功，但由于没有DNS出现这种提示，解决办法如下
　　[root@localhost1 conf]# vim /opt/apache/conf/httpd.conf ^C

ServerName www.example.com:80==========>localhost:80(192.168.1.2:80) 

[root@localhost1 conf]# /opt/apache/bin/apachectl graceful

[root@localhost1 apache]# ll
total 60
drwxr-xr-x  2 root root  4096 Feb 26 17:10 bin　　#apche命令的目录，如服务启动命令
drwxr-xr-x  2 root root  4096 Feb 26 17:10 build
drwxr-xr-x  2 root root  4096 Feb 26 17:10 cgi-bin
drwxr-xr-x  4 root root  4096 Feb 26 17:33 conf
drwxr-xr-x  3 root root  4096 Feb 26 17:10 error
drwxr-xr-x  2 root root  4096 Jul  6  2017 htdocs　　默认站点目录
drwxr-xr-x  3 root root  4096 Feb 26 17:10 icons
drwxr-xr-x  2 root root  4096 Feb 26 17:10 include
drwxr-xr-x  3 root root  4096 Feb 26 17:10 lib
drwxr-xr-x  2 root root  4096 Feb 26 17:33 logs　　日志目录
drwxr-xr-x  4 root root  4096 Feb 26 17:10 man
drwxr-xr-x 14 root root 12288 Jul  6  2017 manual
drwxr-xr-x  2 root root  4096 Feb 26 17:10 modules　　apache的模块目录，一些程序经过编译后都存放在这里

[root@localhost1 apache]# tree -l 1 bin/
1 [error opening dir]
bin/
├── ab　　　　HTTP服务器性能测试工具
├── apachectl　　服务的启动命令，同样它也是一个脚本
├── apr-1-config
├── apu-1-config
├── apxs　　　　是一个为HTTP服务器编译和安装扩展模块的工具
├── checkgid
├── dbmmanage
├── envvars
├── envvars-std
├── htcacheclean　　这是清理磁盘缓冲区的命令，需要在编译时指定相关的参数，很少使用
├── htdbm
├── htdigest
├── htpasswd　　建立和更新基本认证文件，后面配置监控服务会用到
├── httpd　　是apache的控制命令程序，apachectl执行时会调用httpd
├── httxt2dbm
├── logresolve
└── rotatelogs　　apache自带的日志轮训命令

0 directories, 17 files

[root@localhost1 apache]# tree -L 1 conf/
conf/
├── extra　　apache额外的配置文件目录，实际生产环境中经常使用或修改，如httpd-vhosts.conf默认在此
├── httpd.conf　　主配置文件
├── magic
├── mime.types
└── original

2 directories, 3 files

[root@localhost1 apache]# tree -L 1 htdocs/
htdocs/
└── index.html

0 directories, 1 file

[root@localhost1 apache]# tree -L 1 logs/
logs/
├── access_log　　默认访问日志目录
├── cgisock.27892
├── error_log　　错误日志文件，服务启动故障或其他问题，都可以查看此文件
└── httpd.pid

0 directories, 4 files

[root@localhost1 conf]# egrep -v "^.*#|^$" httpd.conf |nl
     1    ServerRoot "/opt/apache2.2.34"　　#apache根目录，只能root访问，一般不做修改
     2    Listen 80　　apache监听端口，默认为80端口
     3    <IfModule !mpm_netware_module>
     4    <IfModule !mpm_winnt_module>
     5    User daemon　　apache的用户，默认是daemon，实际生产环境建议修改
     6    Group daemon
     7    </IfModule>
     8    </IfModule>
     9    ServerAdmin you@example.com　　系统管理员的邮箱，实际生产环境中修改为管理邮箱，有故障可直接发送至邮箱
    10    ServerName localhost:80(192.168.181.128:80)
    11    DocumentRoot "/opt/apache2.2.34/htdocs"
    12    <Directory />　　禁止访问文件系统所在的目录
    13        Options FollowSymLinks
    14        AllowOverride None　　禁止用户对目录配置文件进行修改
    15        Order deny,allow
    16        Deny from all
    17    </Directory>
    18    <Directory "/opt/apache2.2.34/htdocs">　　apache默认网站站点目录路径
    19        Options Indexes FollowSymLinks
    20        AllowOverride None
    21        Order allow,deny
    22        Allow from all
    23    </Directory>
    24    <IfModule dir_module>
    25        DirectoryIndex index.html配置的默认首页文件，如虚拟机没有设置，默认就调用这里的配置，首页文件可以有多个，每个文件用空格分开，调用时，前面的优先匹配
    26    </IfModule>
    27    <FilesMatch "^\.ht">　　防止.htaccess和.htpasswd等隐藏文件被Web用户查看
    28        Order allow,deny
    29        Deny from all
    30        Satisfy All
    31    </FilesMatch>
    32    ErrorLog "logs/error_log"　　错误日志路径
    33    LogLevel warn
    34    <IfModule log_config_module>
    35        LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    36        LogFormat "%h %l %u %t \"%r\" %>s %b" common
    37        <IfModule logio_module>
    38          LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    39        </IfModule>
    40        CustomLog "logs/access_log" common
    41    </IfModule>
    42    <IfModule alias_module>
    43        ScriptAlias /cgi-bin/ "/opt/apache2.2.34/cgi-bin/"
    44    </IfModule>
    45    <IfModule cgid_module>
    46    </IfModule>
    47    <Directory "/opt/apache2.2.34/cgi-bin">
    48        AllowOverride None
    49        Options None
    50        Order allow,deny
    51        Allow from all
    52    </Directory>
    53    DefaultType text/plain
    54    <IfModule headers_module>
    55        RequestHeader unset Proxy early
    56    </IfModule>
    57    <IfModule mime_module>
    58        TypesConfig conf/mime.types
    59        AddType application/x-compress .Z
    60        AddType application/x-gzip .gz .tgz
    61    </IfModule>
    62    <IfModule ssl_module>
    63    SSLRandomSeed startup builtin
    64    SSLRandomSeed connect builtin
    65    </IfModule>

# Virtual hosts
#Include conf/extra/httpd-vhosts.conf

# Various default settings
#Include conf/extra/httpd-default.conf

去掉注释，即加入扩展

[root@localhost1 conf]# tree -L 2 /opt/apache/conf/extra/
/opt/apache/conf/extra/
├── httpd-autoindex.conf
├── httpd-dav.conf　　dav支持配置
├── httpd-default.conf　　apache相关服务参数（超时时间、保持连续时间等）
├── httpd-info.conf
├── httpd-languages.conf　　语言支持配置
├── httpd-manual.conf
├── httpd-mpm.conf　　服务器池管理，也就是优化apache的一个配置文件
├── httpd-multilang-errordoc.conf
├── httpd-ssl.conf　　提供apache ssl支持配配置文件
├── httpd-userdir.conf
└── httpd-vhosts.conf　　虚拟主机的配置文件

0 directories, 11 files

[root@localhost1 conf]# cat extra/httpd-vhosts.conf 
#
# Virtual Hosts
#
# If you want to maintain multiple domains/hostnames on your
# machine you can setup VirtualHost containers for them. Most configurations
# use only name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the directives below.　　#如果你希望维护多个域名/主机名，你可以为她们设置虚拟主机容器。大部分只使用基于名称的虚拟主机。
#
# Please see the documentation at 
# <URL:http://httpd.apache.org/docs/2.2/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option '-S' to verify your virtual host
# configuration.

#
# Use name-based virtual hosting.
#
NameVirtualHost *:80　　80监听端口

#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for all requests that do not
# match a ServerName or ServerAlias in any <VirtualHost> block.
#
<VirtualHost *:80>
    ServerAdmin webmaster@dummy-host.example.com
    DocumentRoot "/opt/apache2.2.34/docs/dummy-host.example.com"
    ServerName dummy-host.example.com　　这里配置提供的域名，生产环境需要把域名解析到服务器上，同时配置到外网IP上
    ServerAlias www.dummy-host.example.com　　设置别名，此功能需要 apache mod_alias模块支持
    ErrorLog "logs/dummy-host.example.com-error_log"　　错误日志目录
    CustomLog "logs/dummy-host.example.com-access_log" common　　日志配置文件
</VirtualHost>

<VirtualHost *:80>
    ServerAdmin webmaster@dummy-host2.example.com
    DocumentRoot "/opt/apache2.2.34/docs/dummy-host2.example.com"
    ServerName dummy-host2.example.com
    ErrorLog "logs/dummy-host2.example.com-error_log"
    CustomLog "logs/dummy-host2.example.com-access_log" common
</VirtualHost>

[root@localhost1 conf]# cat /opt/apache/build/config.nice 
#! /bin/sh
#
# Created by configure

"./configure" \
"--prefix=/opt/apache2.2.34" \
"--enable-deflate" \
"--enable-expires" \
"--enable-headers" \
"--enable-modules=most" \
"--enable-so" \
"--with-mpm=worker" \
"--enable-rewrite" \
"$@"

[root@localhost1 conf]# grep "httpd-vhosts.conf" /opt/apache/conf/httpd.conf 
Include conf/extra/httpd-vhosts.conf

[root@localhost1 extra]# cat httpd-vhosts.conf
#
# Virtual Hosts
#
# If you want to maintain multiple domains/hostnames on your
# machine you can setup VirtualHost containers for them. Most configurations
# use only name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the directives below.
#
# Please see the documentation at 
# <URL:http://httpd.apache.org/docs/2.2/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option '-S' to verify your virtual host
# configuration.

#
# Use name-based virtual hosting.
#
NameVirtualHost *:80　　#这一行一定要去掉，不然会出错，此文件只保留下面的配置文件

#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for all requests that do not
# match a ServerName or ServerAlias in any <VirtualHost> block.
#
<VirtualHost *:80>
    ServerAdmin 928939638@qq.com
    DocumentRoot "/data/www/bbs"
    ServerName bbs.abc.com
    ServerAlias abc.com
    ErrorLog "logs/bbs-error_log"
    CustomLog "logs/bbs_access_log" common
</VirtualHost>

配置了下虚拟主机，localhost打开发现错误：
    HTTP 错误 403 - 禁止访问，即403 Forbidden：You don't have permission to access / on this server.

    可能是权限不足引起的问题。

    解决方法：
    打开apache的配置文件httpd.conf，逐行检查。
    找到：
 

代码示例:
<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>
 
    由于配置了php后，此处“Deny from all”为拒绝一切连接。

    把此行修改为 “Allow from all”，即可解决问题。

    修改后的代码为：
 

代码示例:
<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
    allow from all
</Directory>
 
    浏览器里打开http://localhost，问题解决。

总结：
在apache服务器中，遇到403禁止访问时，重点关注下apache的httpd.conf配置文件中，是否有“Deny from all”这样的代码。
这个可能是修改了某些配置文件后，重启apache，被自动更改的。

附，另外一个apache 403错误的例子。

apache 403错误，显示信息如下：
您无权查看该网页
您可能没有权限用您提供的凭据查看此目录或网页
如果您确信能够查看该目录或网页，请尝试使用 192.168.1.5 主页上所列的电子邮件地址或电话与网站联系。
可以单击搜索，寻找 Internet 上的信息。

HTTP 错误 403 - 禁止访问 
Internet Explorer

去掉显示友好信息的钩后显示Forbidden   You don't have permission to access \ on this server.
检查了一遍配置文件httpd.conf，找到这么一段：
 

代码示例:
<Directory />
     Options FollowSymLinks
     AllowOverride None
     Order deny,allow
     deny from all
     Satisfy all
</Directory>
 
然后试着把deny from all中的deny改成了allow，保存后重起了apache，访问测试网站完全正常了。
APACHE升级到2.2版本之后，提供和支持不少模块的支持，性能和安全上也有不少改进。
以前配置好apache的httpd.conf之后，即可使用。
但现在必须额外对这个文件进行其他方面的配置，不然会出现 http 403权限问题错误。

解决方法。
以下为httpd.conf文件的其中一段原代码。
把下面代码红色标志进行更改：
 

代码示例:
<Directory "E:/wamp/www">
    #
    # Possible values for the Options directive are "None", "All",
    # or any combination of:
    #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
    #
    # Note that "MultiViews" must be named *explicitly* --- "Options All"
    # doesn't give it to you.
    #
    # The Options directive is both complicated and important. Please see
    # [url]http://httpd.apache.org/docs/2.2/mod/core.html#options[/url]
    # for more information.
    #
    Options Indexes FollowSymLinks
    #
    # AllowOverride controls what directives may be placed in .htaccess files.
    # It can be "All", "None", or any combination of the keywords:
    #   Options FileInfo AuthConfig Limit
    #
    AllowOverride all
    #
    # Controls who can get stuff from this server.
    #
#   onlineoffline tag - don't remove
    Order Deny,Allow
    Deny from all
    Allow from 127.0.0.1
</Directory>
 
红色部分更改为 Allow from all ，也就是所有访问允许通过。
http://blog.csdn.net/u011130583/article/details/42363831

[root@localhost1 ~]# cat /opt/apache/conf/extra/httpd-vhosts.conf | grep -v "#"


<VirtualHost 192.168.181.128:8888>
    ServerAdmin 928939638@qq.com
    DocumentRoot "/data/www/bbs"
    ServerName 192.168.181.1
    ServerAlias abc.com
    ErrorLog "logs/bbs-error_log"
    CustomLog "logs/bbs-access_log" common
</VirtualHost>

<VirtualHost 192.168.181.128:9999>
    ServerAdmin 928939638@qq.com
    DocumentRoot "/data/www/blog"
    ServerName 192.168.181.2
    ServerAlias abc.com
    ErrorLog "logs/bbs-error_log"
    CustomLog "logs/bbs-access_log" common
</VirtualHost>

[root@localhost1 ~]# cat /opt/apache/conf/httpd.conf | grep -v "#"

ServerRoot "/opt/apache2.2.34"

Listen 80
Listen 8888
Listen 9999


<IfModule !mpm_netware_module>
<IfModule !mpm_winnt_module>
User daemon
Group daemon

</IfModule>
</IfModule>


ServerAdmin you@example.com

ServerName 192.168.181.128:80

DocumentRoot "/opt/apache2.2.34/htdocs"

<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
    Allow from all
</Directory>


<Directory "/opt/apache2.2.34/htdocs">
    Options -Indexes FollowSymLinks

    AllowOverride None

    Order allow,deny
    Allow from all

</Directory>

<IfModule dir_module>
    DirectoryIndex index.html
</IfModule>

<FilesMatch "^\.ht">
    Order allow,deny
    Deny from all
    Satisfy All
</FilesMatch>

ErrorLog "logs/error_log"

LogLevel warn

<IfModule log_config_module>
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common

    <IfModule logio_module>
      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    </IfModule>

    CustomLog "logs/access_log" common

</IfModule>

<IfModule alias_module>


    ScriptAlias /cgi-bin/ "/opt/apache2.2.34/cgi-bin/"

</IfModule>

<IfModule cgid_module>
</IfModule>

<Directory "/opt/apache2.2.34/cgi-bin">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from all
</Directory>

DefaultType text/plain

<IfModule headers_module>
    RequestHeader unset Proxy early
</IfModule>

<IfModule mime_module>
    TypesConfig conf/mime.types

    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz



</IfModule>






Include conf/extra/httpd-mpm.conf






Include conf/extra/httpd-vhosts.conf




<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>

<Directory "/data/www/bbs">
    Options FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

<Directory "/data/www/blog">
    Options FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

[root@localhost1 ~]# cat /data/www/bbs/index.html 
this is a bbs page
[root@localhost1 ~]# cat /data/www/blog/index.html 
this is blog page

[root@localhost1 ~]# cat /opt/apache/conf/extra/httpd-vhosts.conf | grep -v "#"


<VirtualHost *:8888>
    ServerAdmin 928939638@qq.com
    DocumentRoot "/data/www/bbs"
    ServerName bbs.abc.com
    ServerAlias abc.com
    ErrorLog "logs/bbs-error_log"
    CustomLog "logs/bbs-access_log" common
</VirtualHost>

<VirtualHost *:9999>
    ServerAdmin 928939638@qq.com
    DocumentRoot "/data/www/blog"
    ServerName blog.abc.com
    ServerAlias abc.com
    ErrorLog "logs/bbs-error_log"
    CustomLog "logs/bbs-access_log" common
</VirtualHost>

具体编译命令如下
[root@Centos httpd-2.4.23]# ./configure\
--enable-expires
以 DSO 的方式编译安装如下
cd /Downloads/tools/httpd2.2.24/modules/metadata/
/application/apache/bin/apxs -c -i -a mod_expires.c
参数说明
-a 此选项会自动增加一个 LoadModule 行到 httpd.conf 文件中，来激活模块，如果此行已存在，则启用
-c 此选项表示需要执行编译操作
-i 此选项表示需要执行安装操作，以安装一个或多个动态共享对象到服务器 modules 目录中
[root@Centos modules]# cd /Downloads/tools/httpd-2.4.23/modules/metadata/
[root@Centos metadata]# /application/apache/bin/apxs -a -c -i mod_expires.c
处程省略
----------------------------------------------------------------------
chmod 755 /application/apache2.4.23/modules/mod_expires.so
[activating module `expires' in /application/apache2.4.23/conf/httpd.conf]

[root@localhost1 httpd-2.2.34]# curl -I http://bbs.abc.com:8888/
HTTP/1.1 200 OK
Date: Tue, 27 Feb 2018 05:14:26 GMT
Server: Apache/2.2.34 (Unix) DAV/2
Last-Modified: Tue, 27 Feb 2018 01:19:12 GMT
ETag: "a059e-13-566276a119d53"
Accept-Ranges: bytes
Content-Length: 19
Content-Type: text/html

[root@localhost1 httpd-2.2.34]# vim /opt/apache/conf/httpd.conf
[root@localhost1 httpd-2.2.34]# tail -10 /opt/apache/conf/httpd.conf
ExpiresActive on
    ExpiresDefault "access plus 12 month"
    ExpiresByType text/css "access plus 12 month"
    ExpiresByType image/gif "access plus 12 month"
    ExpiresByType image/jpge "access plus 12 month"
    ExpiresByType image/jpg "access plus 12 month"
    ExpiresByType image/png "access plus 12 month"
    ExpiresByType application/x-shockwave-flash "access plus 12 month"
    ExpiresByType application/x-javascript "access plus 12 month"
    ExpiresByType video/x-flv "access plus 12 month"
[root@localhost1 httpd-2.2.34]# tail -20 /opt/apache/conf/httpd.conf
    Allow from all
</Directory>

<Directory "/data/www/blog">
    Options FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

ExpiresActive on
    ExpiresDefault "access plus 12 month"
    ExpiresByType text/css "access plus 12 month"
    ExpiresByType image/gif "access plus 12 month"
    ExpiresByType image/jpge "access plus 12 month"
    ExpiresByType image/jpg "access plus 12 month"
    ExpiresByType image/png "access plus 12 month"
    ExpiresByType application/x-shockwave-flash "access plus 12 month"
    ExpiresByType application/x-javascript "access plus 12 month"
    ExpiresByType video/x-flv "access plus 12 month"

[root@localhost1 bbs]# curl -I http://bbs.abc.com:8888/
HTTP/1.1 200 OK
Date: Tue, 27 Feb 2018 05:25:29 GMT
Server: Apache/2.2.34 (Unix) DAV/2
Last-Modified: Tue, 27 Feb 2018 01:19:12 GMT
ETag: "a059e-13-566276a119d53"
Accept-Ranges: bytes
Content-Length: 19
Cache-Control: max-age=31104000
Expires: Fri, 22 Feb 2019 05:25:29 GMT
Content-Type: text/html

<VirtualHost *:9999>
ServerAdmin admini@abc.com
DocumentRoot "/data/www/blog"
ServerName blog.abc.com
ServerAlias blog1.com
ErrorLog "logs/bbs-error_log"
CustomLog "logs/bbs-access_log" common
ExpiresActive on
ExpiresDefault "access plus 12 month"
ExpiresByType text/css "access plus 12 month"
ExpiresByType image/gif "access plus 12 month"
ExpiresByType image/jpge "access plus 12 month"
ExpiresByType image/jpg "access plus 12 month"
ExpiresByType image/png "access plus 12 month"
ExpiresByType application/x-shockwave-flash "access plus 12 month"
ExpiresByType application/x-javascript "access plus 12 month"
ExpiresByType video/x-flv "access plus 12 month"

[root@localhost1 bbs]# /opt/apache/bin/apachectl -l | grep 'deflate'
  mod_deflate.c
[root@localhost1 bbs]# curl -I http://bbs.abc.com:8888/
HTTP/1.1 200 OK
Date: Tue, 27 Feb 2018 05:40:50 GMT
Server: Apache/2.2.34 (Unix) DAV/2
Last-Modified: Tue, 27 Feb 2018 01:19:12 GMT
ETag: "a059e-13-566276a119d53"
Accept-Ranges: bytes
Content-Length: 19
Cache-Control: max-age=31104000
Expires: Fri, 22 Feb 2019 05:40:50 GMT
Content-Type: text/html

[root@localhost1 bbs]# vim /opt/apache/conf/httpd.conf
[root@localhost1 bbs]# tail -20 /opt/apache/conf/httpd.conf
</Directory>

ExpiresActive on
    ExpiresDefault "access plus 12 month"
    ExpiresByType text/css "access plus 12 month"
    ExpiresByType image/gif "access plus 12 month"
    ExpiresByType image/jpge "access plus 12 month"
    ExpiresByType image/jpg "access plus 12 month"
    ExpiresByType image/png "access plus 12 month"
    ExpiresByType application/x-shockwave-flash "access plus 12 month"
    ExpiresByType application/x-javascript "access plus 12 month"
    ExpiresByType video/x-flv "access plus 12 month"

<IfModule mod_deflate.c>
    DeflateCompressionLevel 9
    SetOutputFilter DEFLATE
    AddOutputFilterByType DEFLATE text/html text/plain /text/xml
    AddOutputFilterByType DEFLATE application/javascript
    AddOutputFilterByType DEFLATE text/css
</IfModule>
[root@localhost1 bbs]# /opt/apache/bin/apachectl -t
Syntax OK
[root@localhost1 bbs]# /opt/apache/bin/apachectl graceful
[root@localhost1 bbs]# lsof -i tcp:8888
COMMAND   PID   USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
httpd   27892   root    6w  IPv6  63602      0t0  TCP *:ddi-tcp-1 (LISTEN)
httpd   45450 daemon    6u  IPv6  63602      0t0  TCP *:ddi-tcp-1 (LISTEN)
httpd   45451 daemon    6u  IPv6  63602      0t0  TCP *:ddi-tcp-1 (LISTEN)
[root@localhost1 bbs]# curl -I http://bbs.abc.com:8888/1.jpg
HTTP/1.1 200 OK
Date: Tue, 27 Feb 2018 05:45:08 GMT
Server: Apache/2.2.34 (Unix) DAV/2
Last-Modified: Wed, 29 Nov 2017 08:16:39 GMT
ETag: "a059a-bdb1-55f1ac137c7c0"
Accept-Ranges: bytes
Content-Length: 48561
Cache-Control: max-age=31104000
Expires: Fri, 22 Feb 2019 05:45:08 GMT
Vary: Accept-Encoding　　　　#出现这个提示表明已经启用压缩
Content-Type: image/jpeg

[root@localhost1 bin]# ll
total 3776
-rwxr-xr-x 1 root root   75861 Feb 26 17:10 ab
-rwxr-xr-x 1 root root    3425 Feb 26 17:08 apachectl
-rwxr-xr-x 1 root root    6986 Feb 26 17:10 apr-1-config
-rwxr-xr-x 1 root root    6601 Feb 26 17:10 apu-1-config
-rwxr-xr-x 1 root root   22652 Feb 26 17:08 apxs
-rwxr-xr-x 1 root root   12269 Feb 26 17:10 checkgid
-rwxr-xr-x 1 root root    8925 Feb 26 17:08 dbmmanage
-rw-r--r-- 1 root root    1071 Feb 26 17:08 envvars
-rw-r--r-- 1 root root    1071 Feb 26 17:08 envvars-std
-rwxr-xr-x 1 root root   45328 Feb 26 17:10 htcacheclean
-rwxr-xr-x 1 root root   30347 Feb 26 17:10 htdbm
-rwxr-xr-x 1 root root   22476 Feb 26 17:10 htdigest
-rwxr-xr-x 1 root root   31665 Feb 26 17:10 htpasswd
-rwxr-xr-x 1 root root 3497167 Feb 26 17:10 httpd
-rwxr-xr-x 1 root root   20180 Feb 26 17:10 httxt2dbm
-rwxr-xr-x 1 root root   22937 Feb 26 17:10 logresolve
-rwxr-xr-x 1 root root   24964 Feb 26 17:10 rotatelogs　　#默认日志服务

查看服务安装是否成功
[root@Centos cronolog-1.6.2]# ls /usr/local/sbin/
cronolog cronosplit
编辑主配置文件修改日志配置
[root@Centos cronolog-1.6.2]# vi /application/apache/conf/extra/httpd-vhosts.conf
#port bash name
<VirtualHost *:80>
ServerAdmin admini@abc.com
DocumentRoot "/data/www/bbs"
ServerName bbs.abc.com
ServerAlias bbs.com
ErrorLog "logs/bbs-error_log"
#CustomLog "logs/bbs-access_log" common#注释掉原来的配置，新增下面一行配置
CustomLog "|/usr/local/sbin/cronolog /application/apache/logs/bbs-access_%d.log" combined
#按天来轮询日志信息
"/application/apache2.4.23/conf/extra/httpd-vhosts.conf" 43L, 1397C written
检查语法与重启服务
[root@Centos cronolog-1.6.2]# /application/apache/bin/apachectl -t
Syntax OK
[root@Centos cronolog-1.6.2]# /application/apache/bin/apachectl graceful
1、 查看日志信息
进入日志记录的目录查看
[root@Centos cronolog-1.6.2]# cd /application/apache/logs/
[root@Centos logs]# ll
total 204
-rw-r--r--. 1 root root 3255 Sep 20 03:44 access_log
-rw-r--r--. 1 root root 68367 Sep 23 08:35 bbs-access_log
-rw-r--r--. 1 root root 79370 Sep 23 08:35 bbs-error_log
-rw-r--r--. 1 root root 2315 Sep 23 07:38 blog-access_log
-rw-r--r--. 1 root root 0 Sep 23 06:31 blog-error_log
-rw-r--r--. 1 root root 32632 Sep 23 08:52 error_log
-rw-r--r--. 1 root root 5 Sep 23 08:52 httpd.pid
上面是原来的日志目录内容，接下来我们访问站点看看目录内容会不会有变化
249 / 753
[root@Centos logs]# ll
total 212
-rw-r--r--. 1 root root 3255 Sep 20 03:44 access_log
-rw-r--r--. 1 root root 1788 Sep 23 09:00 bbs-access_23.log
-rw-r--r--. 1 root root 68367 Sep 23 08:35 bbs-access_log
-rw-r--r--. 1 root root 81482 Sep 23 09:00 bbs-error_log
-rw-r--r--. 1 root root 2315 Sep 23 07:38 blog-access_log
-rw-r--r--. 1 root root 0 Sep 23 06:31 blog-error_log
-rw-r--r--. 1 root root 33503 Sep 23 09:00 error_log
-rw-r--r--. 1 root root 5 Sep 23 09:00 httpd.pid
表明配置是正确的，访问站点后会自动生成以天为单位的日志文件
[root@Centos logs]# date -s '09/24/16'
Sat Sep 24 00:00:00 CST 2016
[root@Centos logs]# ll
total 220
-rw-r--r--. 1 root root 3255 Sep 20 03:44 access_log
-rw-r--r--. 1 root root 1788 Sep 23 09:00 bbs-access_23.log
-rw-r--r--. 1 root root 894 Sep 24 00:00 bbs-access_24.log
-rw-r--r--. 1 root root 68367 Sep 23 08:35 bbs-access_log
-rw-r--r--. 1 root root 82538 Sep 24 00:00 bbs-error_log
-rw-r--r--. 1 root root 2315 Sep 23 07:38 blog-access_log
-rw-r--r--. 1 root root 0 Sep 23 06:31 blog-error_log
-rw-r--r--. 1 root root 33503 Sep 23 09:00 error_log
-rw-r--r--. 1 root root 5 Sep 23 09:00 httpd.pid
修改时间后，目录会自动生产一个日志文件
2、 日志记录的信息
[root@Centos logs]# tail -f /application/apache/logs/bbs-access_24.log
192.168.1.200 - - [24/Sep/2016:00:00:18 +0800] "GET / HTTP/1.1" 403 209 "-" "Mozilla/5.0 (compatible;
MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)"
192.168.1.200 - - [24/Sep/2016:00:00:19 +0800] "GET / HTTP/1.1" 403 209 "-" "Mozilla/5.0 (compatible;
MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)"
目前是六行信息，我们在客户端刷新网页看看变化
[root@Centos logs]# tail -f /application/apache/logs/bbs-access_24.log
192.168.1.200 - - [24/Sep/2016:00:00:18 +0800] "GET / HTTP/1.1" 403 209 "-" "Mozilla/5.0 (compatible;
MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)"
250 / 753
192.168.1.200 - - [24/Sep/2016:00:00:19 +0800] "GET / HTTP/1.1" 403 209 "-" "Mozilla/5.0 (compatible;
MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)"
192.168.1.200 - - [24/Sep/2016:00:14:02 +0800] "GET / HTTP/1.1" 403 209 "-" "Mozilla/5.0 (compatible;
MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)"
192.168.1.200 - - [24/Sep/2016:00:14:05 +0800] "GET / HTTP/1.1" 403 209 "-" "Mozilla/5.0 (compatible;
MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
刷新两次就会增加两行的日志记录，信息里说明有：客户端地址、访问时间、协议、客户端系统版本、浏览器

[root@localhost1 logs]# egrep "User|Group" /opt/apache/conf/httpd.conf
# User/Group: The name (or #number) of the user/group to run httpd as.
User apache
Group apache
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
# User home directories

[root@Centos ~]# grep "Error" /application/apache/conf/httpd.conf
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
ErrorLog "logs/error_log"
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html # ErrorDocument 404 http://www.abc.com 跳转到指定页面
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html:

修改 httpd.conf 文件，打开模块
[root@Centos conf]# cat /application/apache/conf/httpd.conf|grep httpd-default
#Include conf/extra/httpd-default.conf
修改成 Include conf/extra/httpd-default.conf
[root@Centos conf]# sed -i 's#\#Include conf/extra/httpd-default.conf#Include conf/extra/httpd-default.conf#g'
//application/apache/conf/httpd.conf
[root@Centos conf]# cat /application/apache/conf/httpd.conf|grep httpd-default
Include conf/extra/httpd-default.conf
[root@Centos conf]# ../bin/apachectl -t
Syntax OK
[root@Centos conf]# ../bin/apachectl graceful
[root@Centos apache]# egrep -v "^.*#|^$" ./conf/extra/httpd-default.conf
Timeout 60
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 5
UseCanonicalName Off
AccessFileName .htaccess
ServerTokens Full-----------------------------------------------> ServerTokens Prod
ServerSignature On---------------------------------------------> ServerSignature Off
HostnameLookups Off
<IfModule reqtimeout_module>
RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500
</IfModule>

</IfModule>
<Directory "/data/www/blog">
Options Indexes FollowSymLinks #修改成 OptionsFollowSymLinks
AllowOverride None
Require all granted
</Directory>

</IfModule>
<Directory "/data/www/blog">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>

此功能是为了其它用户使用站点中的文件，但是不是下载到本地然后上传到 B 网站，而是直接使用文件的链接，
所以当别的用户访问这个链接时，其实真正访问的不是 B 网站，而是我们的站点服务器，一旦这种流量增加，
就会增加服务器的负载，所以这也是优化的重要参数之一
首先在/application/apache/conf/httpd.conf 文件里打开如下模块
LoadModule rewrite_module modules/mod_rewrite.so
<IfModule rewrite_module >
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://www.abc.com.org/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.abc.com.org$ [NC]
RewriteCond %{HTTP_REFERER} !^ abc.com.org/.*$ [NC]
</IfModule>
优化的参数太多，具体应用还得实际生产环境的需求

<Directory "/data/www/blog">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
php_flag engine off #防止上传 PHP 木马文件，远程执行
</Directory>