httpd 重定向

2023-05-31 21:26:05

æç« ç®å½

- - httpd éå®å
  - - ä¸ãéå®å
    - - 1.1 æ ¼å¼ï¼
      - 2.2 åæ°
      - 2.3 ä¾ï¼
      - 2.3.1 æ¹æ³ä¸
        
        2.3.2 ä¸ä½¿ç¨èæä¸»æºçæ¹å¼
    - äºãHSTS:
    - - HTTP Strict Transport Security
      - HSTSçä½ç¨ :
      - HSTS preload list
      - å®ç°HSTSç¤ºä¾ï¼

httpd éå®å

ä¸ãéå®å

1.1 æ ¼å¼ï¼

Redirect [status] URL-path URL

2.2 åæ°

statusç¶æï¼

Permanentï¼ è¿åæ°¸ä¹éå®åç¶æç 301
Tempï¼è¿åä¸´æ¶éå®åç¶æç 302. æ¤ä¸ºé»è®¤å¼

2.3 ä¾ï¼

å½è®¿é® http://www.a.com è·³è½¬å°https://www.a.com

ç¯å¢ï¼å®ç°httpsçè®¿é®ï¼çä¸èï¼

2.3.1 æ¹æ³ä¸

éè¿èæä¸»æºçæ¹å¼

<virtualhost *:80>
documentroot /data/asite
servername www.a.com
<Directory "/data/asite">
    Require all granted
 </Directory>
 redirect temp / https://www.a.com                                                            
 </virtualhost>

æµè¯ï¼

[[emailÂ protected] ~]# curl  -I  www.a.com
HTTP/1.1 302 Found
Date: Sat, 22 Feb 2020 18:32:57 GMT
Server: Apache
Location: https://www.a.com
Content-Type: text/html; charset=iso-8859-1

[[emailÂ protected] ~]# curl  -Lk  www.a.com
a  aa

2.3.2 ä¸ä½¿ç¨èæä¸»æºçæ¹å¼

conf

DocumentRoot "/var/www/html"
redirect temp / https://www.a.com

æµè¯ ï¼åç°æ¥éäº

[[emailÂ protected] ~]# curl www.a.com
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.a.com">here</a>.</p>
</body></html>
[[emailÂ protected] ~]# curl -Lk www.a.com
curl: (47) Maximum (50) redirects followed

ä¸ç¨ redirect , æ¢ç§æ¹å¼ï¼åå¯ä»¥è§£å³

DocumentRoot "/var/www/html"

RewriteEngine on                                                                                                                           
RewriteRule ^(/.*)$  https://%{HTTP_HOST}$1 [redirect=302]

æµè¯

[[emailÂ protected] ~]# curl -I www.a.com
HTTP/1.1 302 Found
Date: Sat, 22 Feb 2020 18:56:55 GMT
Server: Apache
Location: https://www.a.com/
Content-Type: text/html; charset=iso-8859-1

[[emailÂ protected] ~]# curl -Lk www.a.com
a  aa

äºãHSTS:

HTTP Strict Transport Security

â æå¡å¨ç«¯éç½®æ¯æHSTSåï¼ä¼å¨ç»æµè§å¨è¿åçHTTPé¦é¨ä¸æºå¸¦HSTSåæ®µã æµè§å¨è·åå°è¯¥ä¿¡æ¯åï¼ä¼å°ææHTTPè®¿é®è¯·æ±å¨åé¨å307è·³è½¬å°HTTPSã èæ éä»»ä½ç½ç»è¿ç¨

HSTSçä½ç¨ :

å¯ä»¥é¿åå ä¸ºéå®åçè¿ç¨ä¸è¢«å«æ

HSTS preload list

å®ç°HSTSç¤ºä¾ï¼

conf

vim /etc/httpd/conf/httpd.conf 
Header always set Strict-Transport-Security "max-age=31536000" RewriteEngine on 
RewriteEngine on                                                                                                                           
RewriteRule ^(/.*)$  https://%{HTTP_HOST}$1 [redirect=302]

éªè¯

[[emailÂ protected] ~]# curl -I www.a.com
HTTP/1.1 302 Found
Date: Sat, 22 Feb 2020 19:32:47 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Location: https://www.a.com/
Content-Type: text/html; charset=iso-8859-1

httpd 重定向

æç« ç®å½

httpd éå®å

ä¸ãéå®å

1.1 æ ¼å¼ï¼

2.2 åæ°

2.3 ä¾ï¼

äºãHSTS:

HTTP Strict Transport Security

HSTSçä½ç¨ :

HSTS preload list

å®ç°HSTSç¤ºä¾ï¼

繼續閱讀

圖解HTTP----确認通路使用者身份的認證一、概述二、何為認證三、BASIC認證四、DIGEST認證五、SSL用戶端認證六、基于表單認證七、認證多半為基于表單認證八、Session管理及Cookie應用

【圖解HTTP筆記】第七章確定Web安全的HTTPS

《圖解HTTP》學習筆記（六）-確定Web安全的HTTPS

HTTP學習筆記（7）—— 確定WEB安全的HTTPS

圖解HTTP之確定Web安全的HTTPS（七）

【圖解HTTP】——確定Web安全的HTTPSHTTPS小結

圖解HTTP讀書筆記（四）

圖解HTTP讀書筆記（一）

了解cookie和session的作用、聯系與差別

HTTP-cookie與session簡介

http/https--Cookie與Sessionhttp/https–Cookie與Sessioncookie與session的差別：

Android的前後端互動架構搭建（okhhtp+springboot+mysql完整版）

Python 搭建一個簡易QQ機器人

淺談使用Fiddler工具進行弱網測試

配置網頁内容的通路3案例3：配置網頁内容通路

httpd 重定向

æç« ç®å½

httpd éå®å

ä¸ãéå®å

1.1 æ ¼å¼ï¼

2.2 åæ°

2.3 ä¾ï¼

äºãHSTS:

HTTP Strict Transport Security

HSTSçä½ç¨ :

HSTS preload list

å®ç°HSTSç¤ºä¾ï¼

繼續閱讀

æç« ç®å½

httpd éå®å

ä¸ãéå®å

1.1 æ ¼å¼ï¼

2.2 åæ°

2.3 ä¾ï¼

äºãHSTS:

HSTSçä½ç¨ :

å®ç°HSTSç¤ºä¾ï¼