Example Analysis of Apache Page and Security Optimization in Linux system 02/24 Update SLTechnology News&Howtos

Example Analysis of Apache Page and Security Optimization in Linux system

2025-02-24 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Shulou(Shulou.com)06/01 Report--

This article is to share with you the content of a sample analysis of Apache web pages and security optimization in Linux systems. The editor thinks it is very practical, so share it with you as a reference and follow the editor to have a look.

Apache Web Page Optimization Overview of Apache Web Page Optimization

In enterprises, only the default configuration parameters are used after the deployment of Apache, which will cause a lot of problems on the website. In other words, the default configuration is configured for previously lower servers, and the previous configuration is no longer suitable for today's Internet era.

In order to meet the needs of enterprises, we need to consider how to improve the performance and stability of Apache, which is the content of Apache optimization.

Optimize content

Configure web page compression

Selection of working mode and parameter optimization

Configure hotlink protection

Configure hidden version number

Introduction to Web Page Compression gzip

Configure Apache's web page compression function, which uses the gzip compression algorithm to compress the web page content and then transfer it to the client browser.

Action

Reduces the number of bytes transmitted through the network and speeds up the loading speed of web pages.

Save traffic and improve users' browsing experience

Gzip has a better relationship with the crawling tool of search bow | engine.

Compression module of Apache

The functional modules of Apache to realize web page compression include

Mod_gzip module

Mod_deflate module

Apache 1.x

There is no built-in web page compression technology, but compression can be performed using the third-party mod _ gzip module

Apache 2.x

At the time of development, the module mod_deflate is built in to replace mod_gzip

Mod_gzip module and mod_ deflate module

Both of them use gzip compression algorithm, which works similarly.

Mod_deflate compression speed is slightly faster, while mod_gzip compression ratio is slightly higher.

The occupation of server CPU by mod_gzip is one-higher.

For high-traffic servers, mod_deflate may load faster than mod_gzip

Configure web page compression

Manually compile and install the HTTP service

Download the source package

Apr-1.6.2.tar.gz

Apr-util-1.6.0.tar.gz

Httpd-2.4.29.tar.bz2

[root@localhost ~] # mount.cifs / / 192.168.100.10/lamp-c7 / mnt/ / the directory where the source code package is stored in the host is mounted to the mnt directory Password for root@//192.168.100.10/lamp-c7: [root@localhost ~] # cd / mnt/ enter the mount directory [root@localhost mnt] # ls / / check your apr-1.6.2.tar. Gz cronolog-1.6.2-14.el7.x86_64.rpm httpd-2.4.29.tar.bz2 mysql-5.6.26.tar.gzapr-util-1.6.0.tar.gz Discuz_X2.5_SC_UTF8.zip LAMP-php5.6.txt nginx-1.12.0.tar.gzawstats-7.6.tar.gz error.png miao.jpg Php-5.6.11.tar.bz2 [root@localhost mnt] # tar jxvf httpd-2.4.29.tar.bz2-C / opt/ / decompressed Source package [root@localhost mnt] # tar zxvf apr-1.6.2.tar.gz-C / opt [root@localhost mnt] # tar zxvf apr-util-1.6.0.tar.gz-C / opt/ [root@localhost mnt] # cd / opt [root@localhost opt] # lsapr- 1.6.2 apr-util-1.6.0 httpd-2.4.29 rh [root@localhost opt] # mv apr-1.6.2/ httpd-2.4.29/srclib/apr / / put the extracted environment package into the httpd-2.4.29 directory [root@localhost opt] # mv apr-util-1.6.0/ httpd-2.4.29/srclib/apr-util [root@localhost opt] # cd httpd-2.4.29 / / go to the httpd-2.4.29 directory [root@localhost httpd-2.4.29] # yum install gcc gcc-c++ pcre-devel pcre zlib-devel expat-devel perl-yamp / installation environment package [root@localhost httpd-2.4.29] #. / configure-- prefix=/usr/local/httpd-- enable-deflate-- enable-so-- enable-expires-- enable-rewrite-- enable-charset-lite-- enable-cgi / / configure the installation file [ Root@localhost httpd-2.4.29] # make & & make install / / installation service

Go to the http service configuration file to check whether the compression module service is enabled

[root@localhost httpd-2.4.29] # cd / usr/local/httpd/conf/ [root@localhost conf] # lsextra httpd.conf magic mime.types original [root@localhost conf] # ln-s / usr/local/httpd/conf/httpd.conf / etc/httpd.conf [root@localhost conf] # vim / etc/httpd.conf...// omit part. # LoadModule charset_lite_module modules/mod_charset_lite.soLoadModule deflate_module modules/mod_deflate. So / / find this entry And open LoadModule mime_module modules/mod_mime.so...// to omit part of the content. # LoadModule expires_module modules/mod_expires.soLoadModule headers_module modules/mod_headers.so / / find request header module Confirm whether to enable # LoadModule unique_id_module modules/mod_unique_id.so...// omitting part of the content. # LoadModule include_module modules/mod_include.soLoadModule filter_module modules/mod_filter.so / / check whether the filter module is enabled # LoadModule substitute_module modules/mod_substitute.so...// omitted part of the content. AddOutputFilterByType DEFLATE text/html text/plain text/css text/xml text/javascript text/jpg text/png / / write compression module at the end of the file support file DeflateCompressionLevel 9 / / create entries Compression level 9 high compression ratio SetOutputFilter DEFLATE / / set the compression module to the default module load: wq / / Save exit [root@localhost conf] # / usr/local/httpd/bin/apachectl-t / / use the command to test whether the configuration file syntax is normal AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message// prompt does not set the domain name Syntax OK / / syntax is normal [root@localhost conf] # vim / etc/httpd.conf / / Edit the main configuration file. / / omit part of the contents. # prevent Apache from glomming onto all bound IP addresses.#Listen 192.168.144.133 Syntax OK 80 / / Open and change the listening interface # Listen 80. Part of the content. # If your host doesn't have a registered DNS name Enter its IP address here.#ServerName www.kgc.com:80 / / Open and change the domain name. / / omit part of the content.: wq [root@localhost conf] # / usr/local/httpd/bin/apachectl-t / / check syntax Syntax OK / / syntax is normal [root@localhost conf] # cp / usr/local/httpd/bin/apachectl / etc/init.d/httpd / / copy the startup script to the init.d directory And name it httpd [root@localhost conf] # vim / etc/init.d/httpd #! / bin/sh# chkconfig: 35 85 21 # description: Apache is a World Wide Web server / / add declaration information under the first line. / / omit part of the content. [root@localhost conf] # chkconfig-- add httpd/ / add httpd to SERVICE Manager [root@localhost conf] # ln-s / usr/local/httpd/bin/* / usr / local/bin/ soft link the http command to the / usr/local/bin/ directory [root@localhost conf] # service httpd start / / use the service command to start the HTTP service [root@localhost conf] # netstat-ntap | grep 80 / / check whether the port is open tcp 0 0192.168.144.133 root@localhost conf 80 0.0.0.0 root@localhost conf * LISTEN 42332/httpd [root@ Localhost conf] # systemctl stop firewalld.service / / disable anti-firewall [root@localhost conf] # setenforce 0 / / disable enhanced security [root@localhost conf] # cd / usr/local/httpd/bin/ enter the directory [root@localhost bin] # / apachectl-t-D DUMP_MODULES | grep "deflate" / / check whether the compression module is enabled deflate_module (shared) / / successfully

This starts a win 10 virtual machine and installs the package grab tool download in the virtual machine.

Visit the web page provided by the http service in the client browser and view the package grabbing tool

Insert a picture into a web page to see if the web page compression function can be used properly

[root@localhost bin] # cd / mnt / / enter the mount point [root@localhost mnt] # ls / / View apr-1.6.2.tar.gz cronolog-1.6.2-14.el7.x86_64.rpm httpd-2.4.29.tar.bz2 mysql-5.6.26.tar.gzapr-util-1.6.0.tar.gz Discuz_X2.5_SC_UTF8.zip LAMP-php5.6.txt nginx-1.12.0.tar.gzawstats-7.6.tar.gz error.png miao.jpg php-5.6.11.tar.bz2 [root@localhost mnt] # cp miao.jpg / usr/local/httpd/htdocs/ copy the picture to the http site directory [root@localhost mnt] # cd / usr/local/httpd/htdocs/ [root @ localhost htdocs] # lsindex.html miao.jpg [root@localhost htdocs] # vim index.html It works!

: wq

Visit the web page again in the client

Thank you for reading! This is the end of this article on "sample analysis of Apache web pages and security optimization in Linux system". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, you can share it out for more people to see!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.