apache整合tomcat-安全设置
上一篇文章我们知道怎么让apache和tomcat整合了,现在我们来做下apache和tomcat的安全设置,以避免因为tomcat的漏洞而让服务器被别人控制.
apache和tomcat整合的配置是:
vi /etc/httpd/conf/httpd.conf
在最下面添加
<VirtualHost *:80>
ServerAdmin rocdk890@gmail.com
directoryIndex index.html index.php index.htm index.shtml login.php
ServerName 54.250.x.x
<IfModule proxy_module>
<IfModule proxy_http_module>
ProxyRequests Off
ProxyPass /images !
ProxyPass /css !
ProxyPass /js !
ProxyPass / balancer://example/
<Proxy balancer://example/>
BalancerMember http://54.250.x.x:8080/
</Proxy>
</IfModule>
</IfModule>
</VirtualHost>
然后我们在<Proxy>和</Proxy>中间添加身份验证,如下
<VirtualHost *:80>
ServerAdmin rocdk890@gmail.com
directoryIndex index.html index.php index.htm index.shtml login.php
ServerName 54.250.x.x
<IfModule proxy_module>
<IfModule proxy_http_module>
ProxyRequests Off
ProxyPass /images !
ProxyPass /css !
ProxyPass /js !
ProxyPass / balancer://example/
<Proxy balancer://example/>
BalancerMember http://54.250.x.x:8080/
authtype basic
authname "Please enter your password:"
authuserfile /var/www/vhosts/htpasswd
require valid-user
</Proxy>
</IfModule>
</IfModule>
</VirtualHost>
或者让其只能ip访问:
<VirtualHost *:80>
ServerAdmin rocdk890@gmail.com
directoryIndex index.html index.php index.htm index.shtml login.php
ServerName 54.250.x.x
<IfModule proxy_module>
<IfModule proxy_http_module>
ProxyRequests Off
ProxyPass /images !
ProxyPass /css !
ProxyPass /js !
ProxyPass / balancer://example/
<Proxy balancer://example/>
BalancerMember http://54.250.x.x:8080/
Order deny,allow
Deny from all
Allow from 192.168.10.0/24
Allow from 127.0.0.1
Allow from 54.250.x.x/28
</Proxy>
</IfModule>
</IfModule>
</VirtualHost>
保存之后,重启apache使其生效就可以了.
apache和tomcat整合的配置是:
vi /etc/httpd/conf/httpd.conf
在最下面添加
<VirtualHost *:80>
ServerAdmin rocdk890@gmail.com
directoryIndex index.html index.php index.htm index.shtml login.php
ServerName 54.250.x.x
<IfModule proxy_module>
<IfModule proxy_http_module>
ProxyRequests Off
ProxyPass /images !
ProxyPass /css !
ProxyPass /js !
ProxyPass / balancer://example/
<Proxy balancer://example/>
BalancerMember http://54.250.x.x:8080/
</Proxy>
</IfModule>
</IfModule>
</VirtualHost>
然后我们在<Proxy>和</Proxy>中间添加身份验证,如下
<VirtualHost *:80>
ServerAdmin rocdk890@gmail.com
directoryIndex index.html index.php index.htm index.shtml login.php
ServerName 54.250.x.x
<IfModule proxy_module>
<IfModule proxy_http_module>
ProxyRequests Off
ProxyPass /images !
ProxyPass /css !
ProxyPass /js !
ProxyPass / balancer://example/
<Proxy balancer://example/>
BalancerMember http://54.250.x.x:8080/
authtype basic
authname "Please enter your password:"
authuserfile /var/www/vhosts/htpasswd
require valid-user
</Proxy>
</IfModule>
</IfModule>
</VirtualHost>
或者让其只能ip访问:
<VirtualHost *:80>
ServerAdmin rocdk890@gmail.com
directoryIndex index.html index.php index.htm index.shtml login.php
ServerName 54.250.x.x
<IfModule proxy_module>
<IfModule proxy_http_module>
ProxyRequests Off
ProxyPass /images !
ProxyPass /css !
ProxyPass /js !
ProxyPass / balancer://example/
<Proxy balancer://example/>
BalancerMember http://54.250.x.x:8080/
Order deny,allow
Deny from all
Allow from 192.168.10.0/24
Allow from 127.0.0.1
Allow from 54.250.x.x/28
</Proxy>
</IfModule>
</IfModule>
</VirtualHost>
保存之后,重启apache使其生效就可以了.
rocdk890
Michael
ade
西门堵车
朱祁镇
r1p
milton010
评论: