Difference between revisions of "Apache Webserver"
Jump to navigation
Jump to search
| Line 80: | Line 80: | ||
$sudo a2enmod proxy proxy_balancer proxy_http ssl && service apache2 restart | $sudo a2enmod proxy proxy_balancer proxy_http ssl && service apache2 restart | ||
</pre> | </pre> | ||
| − | * Now create | + | * Now create at /etc/apache2/sites-available |
<pre> | <pre> | ||
| Line 113: | Line 113: | ||
SSLCACertificateFile /etc/ssl/fullchain.pem | SSLCACertificateFile /etc/ssl/fullchain.pem | ||
</VirtualHost> | </VirtualHost> | ||
| + | </pre> | ||
| + | |||
| + | * enable the Config with: | ||
| + | <pre> | ||
| + | $sudo a2ensite linuxblog.conf && service apache2 restart | ||
</pre> | </pre> | ||
Revision as of 23:27, 9 June 2017
Redirects for Browser with .htaccess
Redirect Browser by Language to other Websites
Create a .htaccess at the Webspace and enter:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP:Accept-Language} ^de [NC]
RewriteRule ^$ /linux-support-deutsch [L,R=301]
RewriteRule ^$ /linux-support-english [L,R=301]
</IfModule>
This will redir German and International Users to two different Sites.
Block Access to Subfolders wp-includes of Wordpress
<IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^wp-admin/includes/ - [F,L] RewriteRule !^wp-includes/ - [S=3] RewriteRule ^wp-includes/[^/]+\.php$ - [F,L] RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L] RewriteRule ^wp-includes/theme-compat/ - [F,L] </IfModule>
Analyses and Diagnostics
Apache Log analyse on Console
create a bash script called apache-analyse.sh enter:
#!/bin/bash
cat /var/log/apache2/access.log | awk '{ print $1 }' | sort | uniq -c
exit 0
System Echos like this:
1573 www.domain2.de 3568 www.domain3.de ..
Analyse Spam Bots and block them
get IP Adresses from Spambots (here xovibot) to update the Firewalls do:
sudo cat /var/log/apache2/access.log|grep xovibot.net| awk '{ print $2 }' | sort | uniq -c | sort -n > x.log
System Echos:
46 212.224.119.143
52 185.53.44.101
54 212.224.119.140
59 185.53.44.104
62 212.224.119.142
71 185.53.44.102
75 185.53.44.103
80 185.53.44.67
80 212.224.119.141
83 185.53.44.68
87 185.53.44.43
...
manual update to ufw firewall (can be done automatic too, but can take you offline for search engines if the do 404) do:
$sudo ufw insert 1 deny from 185.53.44.0/24 to any # insert rule $sudo service ufw force-reload # force update firewall $sudo ufw status numbered # test status
Load Balancer for virtual hosts with https
- Enable apache24 proxy and ssl modules:
$sudo a2enmod proxy proxy_balancer proxy_http ssl && service apache2 restart
- Now create at /etc/apache2/sites-available
<VirtualHost *:80>
ServerName linuxonlinehelp.de
ServerAlias www.linuxonlinehelp.de
RedirectPermanent / https://linuxonlinehelp.de/
</VirtualHost>
<VirtualHost *:443>
ProxyRequests off #MAJOR!!
ServerName linuxonlinehelp.de
ServerAlias www.linuxonlinehelp.de
ProxyPreserveHost on
ProxyPass / balancer://linuxblog:443/
ProxyPassReverse / balancer://linuxblog:443/
<Proxy *>
Require all granted
</Proxy>
<Proxy balancer://linuxblog>
BalancerMember https://192.168.XXX.001
BalancerMember https://192.168.XXX.002
ProxySet lbmethod=byrequests
</Proxy>
SSLProxyEngine on
SSLEngine on
SSLCertificateFile /etc/ssl/cert.pem
SSLCertificateKeyFile /etc/ssl/privkey.pem
SSLCACertificateFile /etc/ssl/fullchain.pem
</VirtualHost>
- enable the Config with:
$sudo a2ensite linuxblog.conf && service apache2 restart
Remark:
- Disable ALWAYS!! the Balance Manager for Security Reasons over apache2.conf
- Check ALWAYS the Apache Logs for Errors! on both Balance Member Servers!!