可以先測試一下自己有沒有把網站資訊不小心洩漏出來
http://your-web-site/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000
如何關閉
vi php.ini
expose_php = On
修改成
expose_php = Off
重啟apache 或是 php-fpm 即可
helloworld
目前分類:系統管理 (428)
- Sep 21 Thu 2017 15:54
關閉php 彩蛋
- Sep 15 Fri 2017 14:49
使用php mail() 寄信並指定 envelope-from
email 的傳遞有點像現實生活種的郵差先生在寄信
分為信封寄件者和信紙寄件者
envelope-from 顧名思義,就是寫在信封或是包裹上面的寄件者
所以是給郵差和MTA 看的
信紙寄件者,通常就是我們常看到信件的最下面寫著 XXX 敬上 .. 之類的稱呼
是給收件者看的,通常outlook 及其他MUA顯示的是這個欄位
php mail()
bool mail ( string $to , string $subject , string $message [, string $additional_headers [, string $additional_parameters ]] )
通常我們都會把From: 寫在第四個變數
但是這只是修改信紙寄件者
郵差先生看到的寄件者還是系統自動幫你帶的,不一定會跟From 會一樣
往往這樣可能會造成一些退信的狀況
建議From: 和 envelope from 都可以改成一致
避免不必要的困擾
example:
<?php
mail('ethan@a.com','Hello World!','Good morning!','From: service@b.com','-f service@b.com');
?>
PHP、MySQL與JavaScript學習手冊(第五版)
Learning PHP, MySQL & JavaScript, 5th Edition
作者: Robin Nixon
譯者: 賴屹民
出版社:歐萊禮
- Sep 14 Thu 2017 15:35
使用Rufus 製作FreeBSD開機usb 隨身碟
下載 Rufus
https://rufus.akeo.ie/?locale=zh_TW
因為 Rufus 不支援 FreeBSD iso檔
所以我們選img檔案
以FreeBSD 11.1 為例
檔名為 FreeBSD-11.1-RELEASE-amd64-memstick.img
選擇剛剛下載的img檔,並下拉選擇DD映像
最後執行即可
【Ainmax】64GB 高速隨身碟(USB3.0)
- Sep 13 Wed 2017 16:40
移除比小強還強的 EFI 系統磁碟分割區
如果拿到一顆硬碟開心的要把它重新分割
但是始終保留一個 EFI 系統磁碟分割區 怎麼砍也砍不掉
這時候可以
用系統管理員身分執行cmd
輸入diskpart
|
C:\Windows\system32>diskpart Microsoft DiskPart 版本 6.1.7601 |
列出接在電腦的硬碟
|
DISKPART> list disk 磁碟 ### 狀態 大小 可用 Dyn Gpt |
選擇要清理的硬碟
|
DISKPART> select disk 1 磁碟 1 是所選擇的磁碟。 DISKPART> list disk 磁碟 ### 狀態 大小 可用 Dyn Gpt |
確定真的不留戀的話,輸入clean
|
DISKPART> clean DiskPart 成功地清理了磁碟。 DISKPART> |
回頭看windows 的磁碟管理,可以看到磁碟機已經乾乾淨淨啦
【WD】100EFAX 紅標 10TB 3.5吋NAS硬碟(NASware3.0)
http://www.momoshop.com.tw/goods/GoodsDetail.jsp?osm=league&i_code=4827757&cid=apuad&oid=1&memid=6000013660
- Aug 11 Fri 2017 10:16
啟用 drupal 8 clean URLs
安裝完drupal 8 之後,系統會需要你做一些簡單的設定
如果在需求檢查步驟出現以下的警告訊息
Your server is capable of using clean URLs, but it is not enabled. Using clean URLs gives an improved user experience and is recommended
表示你的 drupal 目錄無法使用rewrite 功能
如果是apache請確認以下設定
LoadModule rewrite_module libexec/apache24/mod_rewrite.so
Alias /drupal "/usr/local/www/drupal8"
<Directory "/usr/local/www/drupal8">
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>
修改完後重新啟動apache
apachectl reload
Drupal的使用 中文版 第二版
作者: (美)拜倫
出版社:中國電力出版社
出版日期:2014/03/01
- Jul 21 Fri 2017 16:27
Varnish 下的 backend 取得實際的client ip
預設的狀況下,varnish 下面的backend , 諸如 apache 或是 nginx ... 等
接到 http 的 請求時,client ip 都是varnish 的ip
如此一下,程式無法針對來源做出判斷,geoip 也無法知道來源是屬於哪個國家
解決這個問題步驟如下
編輯 varnish/default.vcl
sub vcl_recv {
###
if (req.restarts == 0) {
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}
###
}
修改backend log format 設定,以apache為例
#LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
即可在access_log 中看到實際使用者來源ip
- Jul 13 Thu 2017 09:56
CentOS 安裝 nslookup
nslookup這個指令對於網路除錯來說,應該是很多人都很習慣的工具
如果發現安裝好的Linux系統少了這個指令
[root@example ~]# nslookup myip.pass.tw
-bash: nslookup: command not found
[root@example ~]# which nslookup
/usr/bin/which: no nslookup in (/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin)
直接安裝看看咧? 找不到這個套件名稱
[root@example ~]# yum -y install nslookup
Loaded plugins: fastestmirror
Setting up Install Process
Loading mirror speeds from cached hostfile
* base: mirrors.linode.com
* epel: mirror.sfo12.us.leaseweb.net
* extras: mirrors.linode.com
* updates: mirrors.linode.com
No package nslookup available.
Error: Nothing to do
試試 yum provides 看看nslookup 是包含在哪個套件中
[root@example ~]# yum provides nslookup
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.linode.com
* epel: mirror.sfo12.us.leaseweb.net
* extras: mirrors.linode.com
* updates: mirrors.linode.com
Warning: 3.0.x versions of yum would erroneously match against filenames.
You can use "*/nslookup" and/or "*bin/nslookup" to get that behaviour
No Matches found
依提示再搜尋一下,可以發現包含在bind-utils 套件中
[root@example ~]# yum provides */nslookup
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.linode.com
* epel: mirror.sfo12.us.leaseweb.net
* extras: mirrors.linode.com
* updates: mirrors.linode.com
base/filelists_db | 6.4 MB 00:00
epel/filelists_db | 7.7 MB 00:01
extras/filelists_db | 25 kB 00:00
updates/filelists_db | 1.5 MB 00:00
zsh-4.3.11-4.el6.centos.2.x86_64 : A powerful interactive shell
Repo : base
Matched from:
Filename : /usr/share/zsh/4.3.11/functions/nslookup
32:bind-utils-9.8.2-0.62.rc1.el6.x86_64 : Utilities for querying DNS name servers
Repo : base
Matched from:
Filename : /usr/bin/nslookup
32:bind-utils-9.8.2-0.62.rc1.el6_9.2.x86_64 : Utilities for querying DNS name servers
Repo : updates
Matched from:
Filename : /usr/bin/nslookup
32:bind-utils-9.8.2-0.62.rc1.el6_9.4.x86_64 : Utilities for querying DNS name servers
Repo : updates
Matched from:
Filename : /usr/bin/nslookup
32:bind-utils-9.8.2-0.62.rc1.el6_9.1.x86_64 : Utilities for querying DNS name servers
Repo : updates
Matched from:
Filename : /usr/bin/nslookup
[root@example ~]# yum provides *bin/nslookup
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.linode.com
* epel: mirrors.kernel.org
* extras: mirrors.linode.com
* updates: mirrors.linode.com
32:bind-utils-9.8.2-0.62.rc1.el6.x86_64 : Utilities for querying DNS name servers
Repo : base
Matched from:
Filename : /usr/bin/nslookup
32:bind-utils-9.8.2-0.62.rc1.el6_9.2.x86_64 : Utilities for querying DNS name servers
Repo : updates
Matched from:
Filename : /usr/bin/nslookup
32:bind-utils-9.8.2-0.62.rc1.el6_9.4.x86_64 : Utilities for querying DNS name servers
Repo : updates
Matched from:
Filename : /usr/bin/nslookup
32:bind-utils-9.8.2-0.62.rc1.el6_9.1.x86_64 : Utilities for querying DNS name servers
Repo : updates
Matched from:
Filename : /usr/bin/nslookup
安裝 bind-utils
[root@example ~]# yum -y install bind-utils
Loaded plugins: fastestmirror
Setting up Install Process
Loading mirror speeds from cached hostfile
* base: mirrors.linode.com
* epel: mirrors.kernel.org
* extras: mirrors.linode.com
* updates: mirrors.linode.com
Resolving Dependencies
--> Running transaction check
---> Package bind-utils.x86_64 32:9.8.2-0.62.rc1.el6_9.4 will be installed
--> Processing Dependency: bind-libs = 32:9.8.2-0.62.rc1.el6_9.4 for package: 32:bind-utils-9.8.2-0.62.rc1.el6_9.4.x86_64
--> Processing Dependency: liblwres.so.80()(64bit) for package: 32:bind-utils-9.8.2-0.62.rc1.el6_9.4.x86_64
--> Processing Dependency: libisccfg.so.82()(64bit) for package: 32:bind-utils-9.8.2-0.62.rc1.el6_9.4.x86_64
--> Processing Dependency: libisccc.so.80()(64bit) for package: 32:bind-utils-9.8.2-0.62.rc1.el6_9.4.x86_64
--> Processing Dependency: libisc.so.83()(64bit) for package: 32:bind-utils-9.8.2-0.62.rc1.el6_9.4.x86_64
--> Processing Dependency: libdns.so.81()(64bit) for package: 32:bind-utils-9.8.2-0.62.rc1.el6_9.4.x86_64
--> Processing Dependency: libbind9.so.80()(64bit) for package: 32:bind-utils-9.8.2-0.62.rc1.el6_9.4.x86_64
--> Running transaction check
---> Package bind-libs.x86_64 32:9.8.2-0.62.rc1.el6_9.4 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
=============================================================================================================================================================================================================================================
Package Arch Version Repository Size
=============================================================================================================================================================================================================================================
Installing:
bind-utils x86_64 32:9.8.2-0.62.rc1.el6_9.4 updates 189 k
Installing for dependencies:
bind-libs x86_64 32:9.8.2-0.62.rc1.el6_9.4 updates 892 k
Transaction Summary
=============================================================================================================================================================================================================================================
Install 2 Package(s)
Total download size: 1.1 M
Installed size: 2.7 M
Downloading Packages:
(1/2): bind-libs-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm | 892 kB 00:00
(2/2): bind-utils-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm | 189 kB 00:00
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 44 MB/s | 1.1 MB 00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : 32:bind-libs-9.8.2-0.62.rc1.el6_9.4.x86_64 1/2
Installing : 32:bind-utils-9.8.2-0.62.rc1.el6_9.4.x86_64 2/2
Verifying : 32:bind-libs-9.8.2-0.62.rc1.el6_9.4.x86_64 1/2
Verifying : 32:bind-utils-9.8.2-0.62.rc1.el6_9.4.x86_64 2/2
Installed:
bind-utils.x86_64 32:9.8.2-0.62.rc1.el6_9.4
Dependency Installed:
bind-libs.x86_64 32:9.8.2-0.62.rc1.el6_9.4
Complete!
DNS and BIND管理,第五版
作者: 蔣大偉
出版社:歐萊禮
- Jul 11 Tue 2017 09:18
CentOS / RedHat 安裝 varnish 4
Varnish cache,或稱Varnish,是一套高效能的反向網站快取伺服器(reverse proxy server)。
其他的類似產品還有Nginx 或是 Squid 可供選擇
官方網站
https://www.varnish-cache.org/
安裝步驟
# vi /etc/yum.repos.d/varnish.repo
[varnish]
name=Varnish for Enterprise Linux 6
baseurl=https://repo.varnish-cache.org/redhat/varnish-4.0/el6/
enabled=1
gpgkey=https://repo.varnish-cache.org/GPG-key.txt
gpgcheck=1
存檔離開
# yum -y install varnish
Loaded plugins: fastestmirror, security
Setting up Install Process
Loading mirror speeds from cached hostfile
* base: centos.cs.nctu.edu.tw
* epel: mirror01.idc.hinet.net
* extras: centos.cs.nctu.edu.tw
* updates: centos.cs.nctu.edu.tw
Resolving Dependencies
--> Running transaction check
---> Package varnish.x86_64 0:4.0.4-1.el6 will be installed
--> Processing Dependency: jemalloc for package: varnish-4.0.4-1.el6.x86_64
--> Processing Dependency: gcc for package: varnish-4.0.4-1.el6.x86_64
--> Processing Dependency: libjemalloc.so.1()(64bit) for package: varnish-4.0.4-1.el6.x86_64
--> Running transaction check
---> Package gcc.x86_64 0:4.4.7-18.el6 will be installed
--> Processing Dependency: cpp = 4.4.7-18.el6 for package: gcc-4.4.7-18.el6.x86_64
--> Processing Dependency: cloog-ppl >= 0.15 for package: gcc-4.4.7-18.el6.x86_64
---> Package jemalloc.x86_64 0:3.6.0-1.el6 will be installed
--> Running transaction check
---> Package cloog-ppl.x86_64 0:0.15.7-1.2.el6 will be installed
--> Processing Dependency: libppl_c.so.2()(64bit) for package: cloog-ppl-0.15.7-1.2.el6.x86_64
--> Processing Dependency: libppl.so.7()(64bit) for package: cloog-ppl-0.15.7-1.2.el6.x86_64
---> Package cpp.x86_64 0:4.4.7-18.el6 will be installed
--> Processing Dependency: libmpfr.so.1()(64bit) for package: cpp-4.4.7-18.el6.x86_64
--> Running transaction check
---> Package mpfr.x86_64 0:2.4.1-6.el6 will be installed
---> Package ppl.x86_64 0:0.10.2-11.el6 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
varnish x86_64 4.0.4-1.el6 varnish 1.5 M
Installing for dependencies:
cloog-ppl x86_64 0.15.7-1.2.el6 base 93 k
cpp x86_64 4.4.7-18.el6 base 3.7 M
gcc x86_64 4.4.7-18.el6 base 10 M
jemalloc x86_64 3.6.0-1.el6 epel 100 k
mpfr x86_64 2.4.1-6.el6 base 157 k
ppl x86_64 0.10.2-11.el6 base 1.3 M
Transaction Summary
================================================================================
Install 7 Package(s)
Total download size: 17 M
Installed size: 39 M
Downloading Packages:
(1/7): cloog-ppl-0.15.7-1.2.el6.x86_64.rpm | 93 kB 00:00
(2/7): cpp-4.4.7-18.el6.x86_64.rpm | 3.7 MB 00:00
(3/7): gcc-4.4.7-18.el6.x86_64.rpm | 10 MB 00:00
(4/7): jemalloc-3.6.0-1.el6.x86_64.rpm | 100 kB 00:00
(5/7): mpfr-2.4.1-6.el6.x86_64.rpm | 157 kB 00:00
(6/7): ppl-0.10.2-11.el6.x86_64.rpm | 1.3 MB 00:00
(7/7): varnish-4.0.4-1.el6.x86_64.rpm | 1.5 MB 00:04
--------------------------------------------------------------------------------
Total 2.1 MB/s | 17 MB 00:08
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : ppl-0.10.2-11.el6.x86_64 1/7
Installing : cloog-ppl-0.15.7-1.2.el6.x86_64 2/7
Installing : mpfr-2.4.1-6.el6.x86_64 3/7
Installing : cpp-4.4.7-18.el6.x86_64 4/7
Installing : gcc-4.4.7-18.el6.x86_64 5/7
Installing : jemalloc-3.6.0-1.el6.x86_64 6/7
Installing : varnish-4.0.4-1.el6.x86_64 7/7
Verifying : cpp-4.4.7-18.el6.x86_64 1/7
Verifying : varnish-4.0.4-1.el6.x86_64 2/7
Verifying : jemalloc-3.6.0-1.el6.x86_64 3/7
Verifying : mpfr-2.4.1-6.el6.x86_64 4/7
Verifying : gcc-4.4.7-18.el6.x86_64 5/7
Verifying : ppl-0.10.2-11.el6.x86_64 6/7
Verifying : cloog-ppl-0.15.7-1.2.el6.x86_64 7/7
Installed:
varnish.x86_64 0:4.0.4-1.el6
Dependency Installed:
cloog-ppl.x86_64 0:0.15.7-1.2.el6 cpp.x86_64 0:4.4.7-18.el6
gcc.x86_64 0:4.4.7-18.el6 jemalloc.x86_64 0:3.6.0-1.el6
mpfr.x86_64 0:2.4.1-6.el6 ppl.x86_64 0:0.10.2-11.el6
Complete!
安裝好的varnish 預設路徑
/etc/varnish/default.vcl
關鍵技術:CDN內容傳遞網路
Content Delivery Network
作者: 梁潔, 陳戈, 莊一嶸
出版社:佳魁資訊
出版日期:2017/03/28
語言:繁體中文
定價:480元
- Jul 05 Wed 2017 15:24
FreeBSD 10.x 安裝 Mongodb 3.4
更新ports tree
# portsnap fetch extract update
安裝 mongodb
# cd /usr/ports/databases/mongodb34
勾選相依套件選項
# make config-recursive
開始漫長的編譯,可以去泡個茶先
# make install clean
預設設定檔路徑
/usr/local/etc/mongodb.conf
設定開機自動執行
# vi /etc/rc.conf
mongod_enable="YES"
重開機或手動啟動mongodb
/usr/local/etc/rc.d/mongod start
OR
service mongod start
查看服務狀況,預設監聽 tcp 27017 port , 僅綁定 127.0.0.1 本機可以連線
可依需求修改設定檔
# netstat -na
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp4 0 0 127.0.0.1.27017 *.* LISTEN
執行程序
# ps uax | grep mongo
mongodb 3431 0.1 1.7 292860 69860 - S 3:17PM 0:02.20 /usr/local/bin/mongod --logpath /var/db/mongodb/mongod.log --logappend --config /usr/local/etc/mongodb.conf --dbpath /var/db/mongodb --fork
MongoDB 大數據管理系統實戰指南
作者: 郭遠威
出版社:上奇資訊
出版日期:2016/09/29
語言:繁體中文
定價:350元
- Jul 03 Mon 2017 15:34
freebsd透過ports安裝套件前,一次設定相依套件
假設如果要在freebsd透過ports 安裝apache24
除了是漫長的compile 過程外
再來就是不時會被其他相依套件中斷,提醒你要勾選相依套件的選項
想要好好去廁所大個便都不行
如果要解決這個問題,好好的去蹲廁所
可以參考以下步驟
# cd /usr/ports/www/apache24
# make config-recursive
===> Setting user-specified options for apache24-2.4.26 and dependencies
接下來一一勾選相依套件的選項後
# make insall clean
即可
- Jul 03 Mon 2017 15:31
freebsd 出現 You have security/openssl installed but do not have DEFAULT_VERSIONS+=ssl=openssl set in your make.conf
如果你除了內建的openssl 又自行安裝比較新版的openssl
在安裝其他套件時出現以下警告訊息
/!\ WARNING /!\
You have security/openssl installed but do not have
DEFAULT_VERSIONS+=ssl=openssl set in your make.conf
解決方式
echo 'DEFAULT_VERSIONS+=ssl=openssl' >> /etc/make.conf
即可
- Jul 03 Mon 2017 13:41
顯示 memcached 狀態
[root@test] ~# echo stats | nc memcached-server 11211
STAT pid 16817
STAT uptime 181573
STAT time 1499060450
STAT version 1.4.4
STAT pointer_size 64
STAT rusage_user 186.459653
STAT rusage_system 581.109657
STAT curr_connections 12
STAT total_connections 163313
STAT connection_structures 71
STAT cmd_get 8260007
STAT cmd_set 811378
STAT cmd_flush 0
STAT get_hits 7935925
STAT get_misses 324082
STAT delete_misses 0
STAT delete_hits 1
STAT incr_misses 0
STAT incr_hits 0
STAT decr_misses 0
STAT decr_hits 0
STAT cas_misses 0
STAT cas_hits 0
STAT cas_badval 0
STAT auth_cmds 0
STAT auth_errors 0
STAT bytes_read 7135925788
STAT bytes_written 14480451759
STAT limit_maxbytes 2147483648
STAT accepting_conns 1
STAT listen_disabled_num 0
STAT threads 4
STAT conn_yields 0
STAT bytes 283099957
STAT curr_items 211892
STAT total_items 811378
STAT evictions 0
END
^C
- Jul 03 Mon 2017 12:08
紀錄 wget 抓網頁過程
wget -R jpg,gif,css,js -r -l 2 --delete-after http://myip.pass.tw/ | & tee wget.log
-R: 排除某些檔案不抓
-r: 遞迴抓取網頁
-l: 抓到第幾層
--delete-after: 移除暫存網頁
網站擷取:使用Python
Web Scraping with Python
作者: Ryan Mitchell
譯者:Studio Tib.
出版社:歐萊禮
出版日期:2016/10/03
語言:繁體中文
- Jun 28 Wed 2017 10:15
解決nginx+php-fpm : FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream 錯誤訊息
安裝好nginx + php-fpm 後,ngixn error log出現以下錯誤訊息
2017/06/28 10:06:46 [error] 949#100116: *1 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 192.168.77.252, server: ng.test.com, request: "GET / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "example.com:8080"
預設參考範例
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
include fastcgi_params;
}
修改為以下設定
location ~ \.php$ {
#root html;
root "你的網頁路徑";
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
#fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
重新啟動nginx 即可
MIS 一定要懂的82個伺服器建置與管理知識
作者: きはし まさひろ
譯者: 陳禹豪, 黃瑋婷
出版社:旗標
- Jun 27 Tue 2017 14:08
清除varnish 某個cache資料
varnishadm
ban req.http.host == "example.com" && req.url ~ "\.png$"
- Jun 08 Thu 2017 17:28
rsync 只監聽特定IP
假設我們的rsync server 有兩張網卡
一張對外、一張對內
如果rsync 的服務只需要對內,不希望外面的人來打擾
當然可以用防火牆來阻擋
但如果不方便用防火牆的話
也可以透過修改設定檔來達成
如果是獨立執行的
參考一下man 說明
address
You can override the default IP address the daemon will listen
on by specifying this value. This is ignored if the daemon is
being run by inetd, and is superseded by the --address com-
mand-line option.
可以修改 rsyncd.conf
address = 要LISTEN的IP
如果是透過xinetd 啟動的
可以修改 /etc/xinetd.d/rsync
加入 bind = 要LISTEN的IP
或是考慮其他參數
如
only_from 或是 only_from
- Jun 07 Wed 2017 17:25
freebsd 安裝 drupal 8
cd /usr/posts/www/drupal8
make install
基本上只要一直下一步即可完成安裝流程
安裝完後會出現apache 及php 的建議設定
用Drupal輕鬆架出商業網站:網路商店╳報名平台╳預約系統╳拍賣平台
- Jun 02 Fri 2017 10:32
判斷不同國家轉址到當地web server 使用mod_geoip+rewrite
如果經營一個跨國網站
想要針對不同國家來的客戶,呈現出客製化的內容、語系
或是想要導到當地比較的機房
可以利用apache + mod_geoip + rewrite 來實現
安裝 GeoIP
cd /usr/ports/net/GeoIP
make install
GeoIP資料庫預設會放在 /usr/local/share/GeoIP
剛安裝完後是空的,必須執行已下指令下載資料庫
/usr/local/bin/geoipupdate.sh
也可以將這個指令放入crontable排程中,定時更新資料庫
crontab -e
0 0 1 * * /usr/local/bin/geoipupdate.sh
之後便下載以下兩個檔案
-r--r--r-- 1 root wheel 1.0M 5 3 05:30 GeoIP.dat
-r--r--r-- 1 root wheel 1.9M 5 3 05:30 GeoIPv6.dat
安裝 mod_geoip
cd /usr/ports/www/mod_geoip2
make install
編輯apache設定
vi /usr/local/etc/apache22/httpd.conf
LoadModule geoip_module libexec/apache22/mod_geoip.so
Include etc/apache22/extra/geoip.conf
vi /usr/local/etc/apache22/extra/geoip.conf
<IfModule mod_geoip.c>
GeoIPEnable On
GeoIPDBFile //usr/local/share/GeoIP/GeoIP.dat
</IfModule>
重啟apache
apachectl restart
編輯rewrite rule ,如果是美國來的ip則轉址到美國網站
vi .htaccess
RewriteEngine On
RewriteCond %{HTTP_HOST} ^mybox.tw$ [NC]
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^US$
RewriteRule ^(.*)$ http://us.mybox.tw/$1 [L,R]
Python新手使用Django架站的16堂課:
活用Django Web Framework快速建構動態網站
作者: 何敏煌
出版社:博碩
- May 23 Tue 2017 16:07
CentOS 安裝 openssl + wget
下載原始檔案
https://www.openssl.org/source/
http://ftp.gnu.org/gnu/wget/
tar -zxpBvf openssl-1.0.2k.tar.gz
cd openssl-1.0.2k
./config
make
make test
make install
檢查openssl 版本
/usr/local/ssl/bin/openssl version
OpenSSL 1.0.2k 26 Jan 2017
tar -zxpBvf wget-1.19.1.tar.gz
cd wget-1.19.1
./configure --with-ssl=openssl --with-libssl-prefix=/usr/local/ssl
make
make install
收工
- May 19 Fri 2017 16:06
將linux 產生的 id_rsa 轉換成 windows putty 可以用的 *.ppk
如果真的必須要把 linux 暴露在 internet 上
使用 ssh key 登入某種程度來說要比帳號密碼驗證來的安全多
我們可以藉由修改 /etc/ssh/sshd_config 關閉密碼驗證來限制只允許使用 ssh key 登入
PasswordAuthentication no
修改完後記得重新啟動 sshd
在 linux 上可以簡單用 ssh-keygen 產生 id_rsa
並且用 ssh-copy-id 把 authorized_key 送上遠端 server: ~user/.ssh/ 中
但是如果要在一台 windows client 透過 putty 的話
就要先下載 puttygen
1. 開啟 putty key generator
2. 點選上方 conversions - import key
3. 選擇 linux ssh-keygen 產生的 id_rsa
4. 如果有密碼的話,輸入密碼
5. save private key
鳥哥的Linux私房菜:伺服器架設篇(第三版)(附光碟)
{{ article.title }}
