Apache設定

  • %2Fデコード問題対応 AllowEncodedSlashes On

httpd.conf

Apacheが%2Fを勝手にデコードして生きるのが辛いとき

AllowEncodedSlashes On
ServerTokens Prod

ServerRoot "/etc/httpd"
PidFile run/httpd.pid

Timeout 60

KeepAlive Off
MaxKeepAliveRequests 100
KeepAliveTimeout 15

<IfModule prefork.c>
StartServers      10
MinSpareServers    5
MaxSpareServers   15
ServerLimit      256
MaxClients        40
MaxRequestsPerChild  1000
</IfModule>

<IfModule worker.c>
StartServers         4
MaxClients         300
MinSpareThreads     25
MaxSpareThreads     75
ThreadsPerChild     25
MaxRequestsPerChild  0
</IfModule>

Listen 80

LoadModule authz_host_module modules/mod_authz_host.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule headers_module modules/mod_headers.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so

Include conf.d/*.conf

User apache
Group apache

ServerAdmin root@localhost

UseCanonicalName Off
DocumentRoot "/var/www/html"

<Directory />
    Options FollowSymLinks
    AllowOverride None
</Directory>

<Directory "/var/www/html">
    Options Indexes FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

DirectoryIndex index.html index.html.var

AccessFileName .htaccess

<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
    Satisfy All
</Files>

TypesConfig /etc/mime.types
DefaultType text/plain

HostnameLookups Off

ErrorLog logs/error_log
LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
CustomLog logs/access_log combined

ServerSignature Off

IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable Charset=UTF-8

IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t

AddLanguage en .en
AddLanguage ja .ja
LanguagePriority ja en
ForceLanguagePriority Prefer Fallback

AddDefaultCharset UTF-8

AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl

AddHandler type-map var

NameVirtualHost *:80

プロセスメモリ使用料

ps aux|grep -v Ss|grep '[h]ttpd'|head -1

conf.d

conf.d/php.conf

<IfModule prefork.c>
  LoadModule php5_module modules/libphp5.so
</IfModule>
<IfModule worker.c>
  LoadModule php5_module modules/libphp5-zts.so
</IfModule>

AddHandler php5-script .php
AddType text/html .php

DirectoryIndex index.php

conf.d/vh.conf

Include conf.d/vh/*.conf

conf.d/vh/tatenosystem.com.conf

<VirtualHost _default_:80>
    ServerName      tatenosystem.com
    DocumentRoot    /home/tatenosystem.com/public_html
    ErrorLog        logs/tatenosystem-error_log
    CustomLog       logs/tatenosystem-access_log combined
    AllowEncodedSlashes On
    
    <Directory /home/tatenosystem.com/public_html>
      Options FollowSymLinks ExecCGI
      AllowOverride All
    </Directory>
</VirtualHost>

<VirtualHost _default_:80>
    ServerName      www.tatenosystem.com
    DocumentRoot    /home/tatenosystem.com/public_html
    ErrorLog        logs/tatenosystem-error_log
    CustomLog       logs/tatenosystem-access_log combined
</VirtualHost>

conf.d/vh/1.conf

存在しない ServerName アクセス対策

<VirtualHost *:80>
  ServerName dummy
  Redirect 403 /
</VirtualHost>

.htaccess

RewriteBase /
RewriteCond %{HTTP_HOST} ^(www\.tatenosystem\.com)(:80)? [NC]
RewriteRule ^(.*) http://tatenosystem.com/$1 [R=301,L]

php.ini

expose_php = Off

Apacheチューニング

過去めも

ServerRoot "/etc/httpd"
PidFile run/httpd.pid
Timeout 60
KeepAlive Off
MaxKeepAliveRequests 100
KeepAliveTimeout 15

<IfModule prefork.c>
StartServers      10
MinSpareServers    5
MaxSpareServers   15
ServerLimit      256
MaxClients        40
MaxRequestsPerChild  1000
</IfModule>

<IfModule worker.c>
StartServers         4
MaxClients         300
MinSpareThreads     25
MaxSpareThreads     75 
ThreadsPerChild     25
MaxRequestsPerChild  0
</IfModule>

Listen 80

LoadModule authz_host_module modules/mod_authz_host.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule headers_module modules/mod_headers.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so

Include conf.d/*.conf

User apache
Group apache

ServerAdmin root@localhost

UseCanonicalName Off

DirectoryIndex index.html

AccessFileName .htaccess

<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
    Satisfy All
</Files>

TypesConfig /etc/mime.types

DefaultType text/plain

HostnameLookups Off

ErrorLog logs/error_log

LogLevel warn

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

CustomLog logs/access_log combined

ServerSignature Off

AddLanguage ja .ja
LanguagePriority en ja
AddDefaultCharset UTF-8

NameVirtualHost *:80