Apache: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
| Line 1: | Line 1: | ||
=Documentation= | |||
http://httpd.apache.org/docs/2.3/mod/core.html | http://httpd.apache.org/docs/2.3/mod/core.html | ||
=proxy= | |||
The idea is to receive all incoming requests on a single HTTP server. This server, using mod_proxy and mod_rewrite, will route requests to X backend servers, acting as a reverse proxy. This can be done very simply once mod_proxy is installed, by adding lines such as: | The idea is to receive all incoming requests on a single HTTP server. This server, using mod_proxy and mod_rewrite, will route requests to X backend servers, acting as a reverse proxy. This can be done very simply once mod_proxy is installed, by adding lines such as: | ||
| Line 11: | Line 11: | ||
This would route all requests starting with a t to the site somewhere.com and present its contents to the user as if delivered by the front server. | This would route all requests starting with a t to the site somewhere.com and present its contents to the user as if delivered by the front server. | ||
=who is hammering my apache?= | |||
sudo perl -e '$ip{(split)[0]}++ while <>; print map "$_ : $ip{$_}\n", sort {$ip{$b} <=> $ip{$a}} keys %ip' /var/log/httpd/halfface.se.access.log | sudo perl -e '$ip{(split)[0]}++ while <>; print map "$_ : $ip{$_}\n", sort {$ip{$b} <=> $ip{$a}} keys %ip' /var/log/httpd/halfface.se.access.log | ||
=POST logging mod_security= | |||
/etc/httpd/conf.d/mod_security.conf.bak3 | /etc/httpd/conf.d/mod_security.conf.bak3 | ||
LoadModule security2_module modules/mod_security2.so | LoadModule security2_module modules/mod_security2.so | ||
| Line 32: | Line 32: | ||
</IfModule> | </IfModule> | ||
=POST logging mod_dumpio= | |||
/etc/httpd/conf.d/mod_dumpio.conf.bak | /etc/httpd/conf.d/mod_dumpio.conf.bak | ||
LoadModule dumpio_module modules/mod_dumpio.so | LoadModule dumpio_module modules/mod_dumpio.so | ||
| Line 40: | Line 40: | ||
DumpIOLogLevel warn | DumpIOLogLevel warn | ||
</IfModule> | </IfModule> | ||
=apachectl= | |||
Verify apache config file. | Verify apache config file. | ||
apachectl -S -f /etc/httpd/conf/httpd.conf | apachectl -S -f /etc/httpd/conf/httpd.conf | ||
Revision as of 13:18, 18 December 2017
Documentation
http://httpd.apache.org/docs/2.3/mod/core.html
proxy
The idea is to receive all incoming requests on a single HTTP server. This server, using mod_proxy and mod_rewrite, will route requests to X backend servers, acting as a reverse proxy. This can be done very simply once mod_proxy is installed, by adding lines such as:
RewriteEngine on RewriteRule ^t(.*)$ http://somewhere.com/ [P,L]
This would route all requests starting with a t to the site somewhere.com and present its contents to the user as if delivered by the front server.
who is hammering my apache?
sudo perl -e '$ip{(split)[0]}++ while <>; print map "$_ : $ip{$_}\n", sort {$ip{$b} <=> $ip{$a}} keys %ip' /var/log/httpd/halfface.se.access.log
POST logging mod_security
/etc/httpd/conf.d/mod_security.conf.bak3 LoadModule security2_module modules/mod_security2.so <IfModule !mod_unique_id.c> LoadModule unique_id_module modules/mod_unique_id.so </IfModule> <IfModule mod_security2.c> SecRuleEngine On SecAuditEngine on SecAuditLog /var/log/httpd/modsec_audit.log SecRequestBodyAccess on SecUploadKeepFiles On SecUploadDir /var/log/httpd/files SecAuditLogParts ABIFHZ SecDefaultAction "nolog,noauditlog,allow,phase:2" SecRule REQUEST_METHOD "POST" "id:1000,phase:2,ctl:auditEngine=On,nolog,pass" </IfModule>
POST logging mod_dumpio
/etc/httpd/conf.d/mod_dumpio.conf.bak LoadModule dumpio_module modules/mod_dumpio.so <IfModule dumpio_module> DumpIOInput On DumpIOOutput On DumpIOLogLevel warn </IfModule>
apachectl
Verify apache config file.
apachectl -S -f /etc/httpd/conf/httpd.conf
Is module loaded
apachectl -t -D DUMP_MODULES 2>&1 | grep -i dumpio