访é®æ§å¶
以ä¸é对apacheèæ主æºé ç½®
ç½ç«è®¿é®ï¼éå¶æå®ipæå¯ä»¥è®¿é®ãåªå 许å ç½ç»å½ï¼ä¸å è®¸å ¶ä»å°åç»å½ã
Orderå®ä¹é¡ºåºï¼å denyï¼ç¶åæ§è¡ä¸é¢çdeny from allï¼ç¶åæ§è¡allowï¼åæ§è¡allow from 127.0.0.1ï¼æææ¯æç»ææçï¼åªå 许æ¬å°å¯ä»¥è®¿é®ã
Order deny,allow
Deny from all
Allow from 127.0.0.1
é对请æ±çurlå»éå¶ï¼åªå 许å ç½åæå®ipå¯ä»¥è®¿é®å å«adminå ³é®è¯çå°åï¼ä¸è¬ä¸ºç®¡çåå°ï¼
Order deny,allow
Deny from all
Allow from 127.0.0.1
Allow from 2.2.2.2
åå¦è¯¥èææºçåå为 domain.com , è¿æ ·é ç½®åï¼é¤äº 127.0.0.1 å 2.2.2.2 å¤ï¼å ¶ä»ip访é®ä»¥ä¸ç±»ä¼¼çuriæ¶é½ä¼ç´æ¥ç¦æ¢çã
http://domain.com/1212admin.txt
http://domain.com/admin.php
http://domain.com/1212/admin.html ç
æ个ç®å½ä¸ç¦æ¢è§£æphpï¼ç®å½å¯ä»¥èªå®ä¹ï¼php解æ失败çè¯ä¼æ¾ç¤ºæºä»£ç ï¼å¯¹äºç½ç«æ¥è¯´ä¸å®å ¨ã
php_admin_flag engine off
Order deny,allow
Deny from all
[r[email protected] www]# curl -x127.0.0.1:80 www.111.com/forum.php -I
HTTP/1.1Â 403Â Forbidden
Date: Mon, 04 May 2015 07:41:15 GMT
Server:Â Apache/2.2.29Â (Unix)Â DAV/2Â PHP/5.3.28
Content-Type:Â text/html;Â charset=iso-8859-1
apache rewrite模ååºç¨ââ伪éæç½é¡µ
mod_rewriteæ¯Apacheçä¸ä¸ªé常强大çåè½ï¼å®å¯ä»¥å®ç°ä¼ªéæ页é¢ã
伪éæ页é¢ï¼ç½ååååé¢çå°åè§èå¡«åï¼çèµ·æ¥æ´ç¾è§ï¼éåSEOæç´¢ã
discuz! 管çåå°é¡µé¢ââå ¨å±ââ左侧çSEO设置ââURL伪éæï¼å³è¾¹çå¯ç¨éé¡¹å ¨é¨æå¾ã
discuz伪éæé ç½®ï¼åå ¥å°èæ主æºé ç½®rewrite模åä¸ï¼forumæ¯çåï¼threadæ¯å¸åï¼
RewriteEngine on
RewriteRule ^/topic-(.+)\.html$ /portal.php?mod=topic&topic=$1&%1
RewriteRule ^/article-([0-9]+)-([0-9]+)\.html$ /portal.php?mod=view&aid=$1&page=$2&%1
RewriteRule ^/forum-(\w+)-([0-9]+)\.html$ /forum.php?mod=forumdisplay&fid=$1&page=$2&%1
RewriteRule ^/thread-([0-9]+)-([0-9]+)-([0-9]+)\.html$ /forum.php?mod=viewthread&tid=$1&extra=page\%3D$3&page=$2&%1
RewriteRule ^/group-([0-9]+)-([0-9]+)\.html$ /forum.php?mod=group&fid=$1&page=$2&%1
RewriteRule ^/space-(username|uid)-(.+)\.html$ /home.php?mod=space&$1=$2&%1
RewriteRule ^/blog-([0-9]+)-([0-9]+)\.html$ /home.php?mod=space&uid=$1&do=blog&id=$2&%1
RewriteRule ^/archiver/(fid|tid)-([0-9]+)\.html$ /archiver/index.php?action=$1&value=$2&%1
RewriteRule ^/([a-z]+[a-z0-9_]*)-([a-z0-9_\-]+)\.html$ /plugin.php?id=$1:$2&%1
å®éªç»æï¼
å¸åå°å为ï¼http://www.111.com/forum.php?mod=viewthread&tid=1&extra=
伪éæä¹å为ï¼http://www.111.com/thread-1-1-1.html
apache éå¶æå®user_agent
æäºuser_agent ä¸æ¯æ们æ³è¦çï¼å¯ä»¥éè¿rewriteåè½é对 %{HTTP_USER_AGENT} æ¥rewireteå°403页ï¼ä»èè¾¾å°éå¶æäºuser_agentç请æ±ã
apacheçrewriteåè½æä¸é¡¹å°±æ¯forbiddenï¼é£å°±æ¯ Fï¼éåè§åä¼æ¾ç¤º403é误ï¼æ æ³æå¼ç½é¡µã
éå¶curlåIEæµè§å¨8.0ä¸è½è®¿é®ï¼360çæµè§å¨çæ¬ä¸ºIE 7.0å¯ä»¥è®¿é®ãUSER_AGENTå ·ä½ççæ¬éè¦çæ¥å¿ç详ç»ä¿¡æ¯ï¼ç¶åè¿è¡éå¶ã
ä¾å¦ï¼("Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)")
å¦ç¦ç¨ææçIEæµè§å¨ï¼RewriteCond %{HTTP_USER_AGENT}  ^.*MSIE*
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} Â ^.*MSIE\ 8.0* [NC,OR]
RewriteCond %{HTTP_USER_AGENT} Â ^.*curl* [NC]
RewriteRule  .*  -  [F]
æµè¯ç»æï¼ä½¿ç¨curlæ¬å°è§£æç½ç«ä¸º403é误ï¼ç½é¡µè®¿é®IEæ示403é误ï¼360æµè§å¨å¯ä»¥æå¼ã[[email protected] www]# curl -x127.0.0.1:80 www.1111.com -I
HTTP/1.1Â 403Â Forbidden
Date: Thu, 07 May 2015 02:09:58 GMT
Server:Â Apache/2.2.29Â (Unix)Â DAV/2Â PHP/5.3.28
Content-Type:Â text/html;Â charset=iso-8859-1