Apache提供来自其他域的内容?
最近,我在Apache的访问日志中注意到以下消息:
"GET http://api.ipify.org/ HTTP/1.1" 200 251
"GET http://boxun.com/ HTTP/1.1" 200 251
"GET http://www.epochtimes.com/ HTTP/1.1" 200 251
"GET http://www.123cha.com/ HTTP/1.1" 200 251这些请求看起来是无害的,但在我看来,Apache的响应是200。这是否意味着它很高兴地充当对其他域的请求的代理服务器?我对此的关注是正确的吗?我是否可以配置一个设置来阻止它这样做呢?
另外,这些请求是如何到达我的服务器的?是否有一种方法可以创建一个cURL命令来向不相关的域发出特定URL的GET请求?
下面是apachectl -S的结果,将我的域替换为example.com:
VirtualHost configuration:
*:443 is a NameVirtualHost
default server example.com (/etc/httpd/conf/extra/httpd-ssl.conf:121)
port 443 namevhost example.com (/etc/httpd/conf/extra/httpd-ssl.conf:121)
wild alias *.example.com
port 443 namevhost sample.example.com (/etc/httpd/conf/extra/httpd-vhosts.conf:72)
alias www.sample.example.com
alias example.com/sample
port 443 namevhost test.example.com (/etc/httpd/conf/extra/httpd-vhosts.conf:101)
alias example.com/test
port 443 namevhost comp.example.com (/etc/httpd/conf/extra/httpd-vhosts.conf:113)
alias example.com/comp
port 443 namevhost less.example.com (/etc/httpd/conf/extra/httpd-vhosts.conf:125)
port 443 namevhost nothing.example.com (/etc/httpd/conf/extra/nothing.conf:13)
*:80 is a NameVirtualHost
default server example.com (/etc/httpd/conf/extra/httpd-vhosts.conf:66)
port 80 namevhost example.com (/etc/httpd/conf/extra/httpd-vhosts.conf:66)
port 80 namevhost sample.example.com (/etc/httpd/conf/extra/httpd-vhosts.conf:72)
alias www.sample.example.com
alias example.com/sample
port 80 namevhost test.example.com (/etc/httpd/conf/extra/httpd-vhosts.conf:101)
alias example.com/test
port 80 namevhost comp.example.com (/etc/httpd/conf/extra/httpd-vhosts.conf:113)
alias example.com/comp
port 80 namevhost less.example.com (/etc/httpd/conf/extra/httpd-vhosts.conf:125)
port 80 namevhost nothing.example.com (/etc/httpd/conf/extra/nothing.conf:13)
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/srv/http"
Main ErrorLog: "/var/log/httpd/error_log"
Mutex proxy-balancer-shm: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/run/httpd/" mechanism=default
PidFile: "/run/httpd/httpd.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="http" id=33
Group: name="http" id=33以下是用curl发送这样一个请求的结果:
$ curl -vs -o /dev/null -H 'Host: api.ipify.org' http://example.com/
* Trying 93.184.216.34...
* TCP_NODELAY set
* Connected to example.com (93.184.216.34) port 80 (#0)
> GET / HTTP/1.1
> Host: api.ipify.org
> User-Agent: curl/7.61.1
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Fri, 19 Oct 2018 20:28:12 GMT
< Server: Apache/2.4.35 (Unix) OpenSSL/1.1.1
< Upgrade: h2
< Connection: Upgrade
< Last-Modified: Tue, 03 Jul 2018 14:20:39 GMT
< ETag: "fb-5701904b6ba1c"
< Accept-Ranges: bytes
< Content-Length: 251
< Content-Type: text/html
<
{ [251 bytes data]
* Connection #0 to host example.com left intact
$ tail -n 1 /var/log/httpd/access_log
"GET / HTTP/1.1" 200 251回答 1
Server Fault用户
发布于 2018-10-19 21:40:39
您的服务器并不决定客户端与哪个域进行联系,这是DNS服务器的特权。
根据Apache手册,您肯定有一个“所有捕获”的虚拟主机,第一个加载的虚拟主机将响应所有不符合任何其他虚拟主机需求的请求。
您可以尝试的一种方法是在主机文件(/etc/hosts客户端,c:\ windows \System32 32\drivers\etc\host用于windows客户端)中有一个条目将服务器IP绑定到任何域,example.com就是一个很好的例子。
现在,如果您尝试打开http://example.com,您将看到服务器的第一个配置的虚拟主机的DirectoryIndex,并且您的日志中有一个很好的行,说明有人(您)从您的服务器请求http://example.com,它得到了一个200 OK作为响应。
https://serverfault.com/questions/936348
复制相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号