banner

[Rule] Rules  [Home] Main Forum  [Portal] Portal  
[Members] Member Listing  [Statistics] Statistics  [Search] Search  [Reading Room] Reading Room 
[Register] Register  
[Login] Loginhttp  | https  ]
 
Messages posted by: Heaven Knows  XML
Profile for Heaven Knows Messages posted by Heaven Knows [ number of posts not being displayed on this page: 0 ]
 
sau 1 hồi mày mò thì cái của mình là :
base64 encode sau đó flip Case của các kí tự chữ cái---> ra dạng này
của bạn phía trên cũng giống base64, ko biết có thêm thủ thuật nào nữa ko
w1vWzgf0yvnLDf0k
vxbfEgvvCMW9Ahr0CdOVlZeYnY4WlJaUms9SBxj4AMGUzxHLcG==
vMvYC2LVBJ0YlJu1cG==
q29TCgvSvxa9maO=
vxbgAwXLvxjSpwH0Dha6lY8XmJCUmc4WlJeVvxbKyxrHlNPPCcak
rMLSzvzLCJ0WlJaWcG==
q2HLy2TeAxjoyw1LpvrIA0nOzwnRrMLSzxmk
rM9Yy2vdAgvJA0zPBgu9maO=
w09qveLptL0k
Ag9TzxbHz2u9Ahr0CdOVlZeYnY4WlJaUms8k
BM90AwnLpwH0Dha6lY8XmJCUmc4WlJeVExKUyxnWcG==
uMvNx0Lfx1nPEMu9odaWldyWmaO=
suvFtwfPBJ0k
q2HLy2TxrZ0XcG==
w0LqteLtvf0k
u2vYDMvYq291BNq9mGO=
u2vYDMvYtMfTzte9UQpaQ8ZSV9w1PBV6SUlk1nk7X/GXmZaWcG==
u2vYDMvYqwrKCJe9mti3lJaUmc4XcG==
Cg9YDde9mtmWmaO=
txnNu2vYDMvYqwrKCJe9mti3lJaUmc4XcG==
txnNu2vYDMvYug9Ymt0XntaWmcak
twv0Ag9Kmt00cG==
uMvNmt1ODhrWoI8Vmti3lJaUmc4Xl3jLzY5HC3ak
u2vYDMvYtMfTzti9UQpaQ8ZSV9w1PBV6SUlk1lB+X/GXmZaXcG==
u2vYDMvYqwrKCJi9mti3lJaUmc4XcG==
twv0Ag9KmJ00cG==
Cg9YDdi9mtmWmqO=
uMvNmJ1ODhrWoI8Vmti3lJaUmc4Xl3jLzY5HC3ak
txnNu2vYDMvYqwrKCJi9mti3lJaUmc4XcG==
txnNu2vYDMvYug9YmJ0XntaWmqO=
txnNu2vYDMvYug9YmJ0XntaWmqO=
 


có lẽ chung cảnh ngộ, ai biết xin giúp. Thanks

conmale wrote:

Heaven Knows wrote:

tôi đã edit lại thành file path thay vì directory path tuy nhiên ko có tác dụng.

# Include the virtual host configurations:
Include /etc/apache2/sites-enabled/000-default
Include /etc/apache2/sites-enabled/mydomain.conf

xin hỏi còn có thể kiểm tra ở đâu nữa ko > xin cám ơn


 


Config file của apache có đuôi là .conf thì nên dùng theo quy định này để tránh lẫn lộn. Sau đó dùng wildcard *.conf y hệt như tài liệu đưa ra. Đừng cải biến để gặp khó khăn.

Apache 2.x trở đi không tiếp nhận symbolic link. Bởi thế, đừng tạo symlink và trỏ cấu hình đến symlink. 


tôi chỉnh sửa cấu hình vhost cho nó vào trong file apache2.conf luôn để khỏi xài include directive nữa mà vẫn ko thay đổi được tình hình. Nếu co tg xem giúp file này có trục trặc chỗ nào ko?

ServerRoot "/etc/apache2"
PidFile ${APACHE_PID_FILE}
TimeOut 300
KeepAlive on

MaxKeepAliveRequests 100
KeepAliveTimeout 15
<IfModule mpm_prefork_module>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 0
</IfModule>

<IfModule mpm_worker_module>
StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>


User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}


AccessFileName .htaccess

<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>

DefaultType text/plain


HostnameLookups Off
ErrorLog /home/logs/apache2error.log
LogLevel warn

# Include module configuration:
Include /etc/apache2/mods-enabled/*.load
Include /etc/apache2/mods-enabled/*.conf

# Include all the user configurations:
Include /etc/apache2/httpd.conf

# Include ports listing
Include /etc/apache2/ports.conf

#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
# If you are behind a reverse proxy, you might want to change %h into %{X-Forwarded-For}i
#
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

#
# Define an access log for VirtualHosts that don't define their own logfile
CustomLog /home/logs/other_vhosts_access.log "vhost_combined"

#
# Customizable error responses come in three flavors:
# 1) plain text 2) local wwwects 3) external wwwects
#
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
#




Include /etc/apache2/conf.d/

<IfModule mod_security2.c>
# Basic configuration options
SecRuleEngine On
SecRequestBodyAccess On
SecResponseBodyAccess Off

# Handling of file uploads
# TODO Choose a folder private to Apache.
# SecUploadDir /opt/apache-frontend/tmp/
SecUploadKeepFiles Off

# Debug log
SecDebugLog /var/log/apache2/modsec_debug.log
SecDebugLogLevel 0

# Serial audit log
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus ^5
SecAuditLogParts ABIFHZ
SecAuditLogType Serial
SecAuditLog /var/log/apache2/modsec_audit.log

# Maximum request body size we will
# accept for buffering
SecRequestBodyLimit 131072

# Store up to 128 KB in memory
SecRequestBodyInMemoryLimit 131072

# Buffer response bodies of up to
# 512 KB in length
SecResponseBodyLimit 524288

</IfModule>


ServerSignature Off
ServerTokens Prod

# Include the virtual host configurations:
# Include /etc/apache2/sites-enabled



NameVirtualHost *


<VirtualHost *>
DocumentRoot /home/default
</VirtualHost>
<VirtualHost 172.16.200.254:80>
ServerName mydomain
ServerAlias www.mydomain forums.mydomain
DocumentRoot /home/homeviet/public_html/forums
ErrorLog /home/logs/mydomain_error_log
CustomLog /home/logs/mydomain_access_log "combined"
ScriptAlias /cgi-bin/ /home/homeviet/cgi-bin/
DirectoryIndex index.html index.htm index.php index.php4 index.php5
<Directory /home/folder1/folder2/public_html/forums>
Options -Indexes IncludesNOEXEC FollowSymLinks
allow from all
AllowOverride All
</Directory>
<Directory /home/mydomain/cgi-bin>
allow from all
</Directory>
LogLevel emerg
LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
</VirtualHost>



conmale wrote:

Heaven Knows wrote:

conmale wrote:
Có cái gì chứng minh file /etc/apache2/sites-available/default được apache biết đến để dùng nó vậy? 


cuối file apache2.conf có đoạn này
# Include the virtual host configurations:
Include /etc/apache2/sites-enabled/  

trong đó file /etc/apache2/sites-enabled/000-default được tự động link từ file /etc/apache2/sites-available/default

và /etc/apache2/sites-enabled/mydomain được tự động link từ file /etc/apache2/sites-available/mydomain.conf
cái này tôi đã kiểm chứng ok

Cám ơn bạn đã giúp dỡ


 



Đọc thêm về directive "Include" của Apache 2.x: http://httpd.apache.org/docs/2.2/mod/core.html#include 

tôi có đọc thêm về mục này mà ko phát hiện ra điều gì thiếu sót, chỉ có 1 cái này
if Include points to a directory, rather than a file, Apache will read all files in that directory and any subdirectory. But including entire directories is not recommended, because it is easy to accidentally leave temporary files in a directory that can cause httpd to fail. 

tôi đã edit lại thành file path thay vì directory path tuy nhiên ko có tác dụng.

# Include the virtual host configurations:
Include /etc/apache2/sites-enabled/000-default
Include /etc/apache2/sites-enabled/mydomain.conf

xin hỏi còn có thể kiểm tra ở đâu nữa ko > xin cám ơn


conmale wrote:
Có cái gì chứng minh file /etc/apache2/sites-available/default được apache biết đến để dùng nó vậy? 


cuối file apache2.conf có đoạn này
# Include the virtual host configurations:
Include /etc/apache2/sites-enabled/  

trong đó file /etc/apache2/sites-enabled/000-default được tự động link từ file /etc/apache2/sites-available/default

và /etc/apache2/sites-enabled/mydomain được tự động link từ file /etc/apache2/sites-available/mydomain.conf
cái này tôi đã kiểm chứng ok

Cám ơn bạn đã giúp dỡ


xin các bạn hỗ trợ giúp vấn đề sau:
mình chỉ tạo 1 virtual host duy nhất để chạy mydomain
và mặc định mình muốn những request tới các ip hay domain khác sẽ được truy cập mặc định vào /var/www

theo hướng dẫn từ trang apache

http://httpd.apache.org/docs/2.2/vhosts/examples.html

"Catching every request to any unspecified IP address and port, i.e., an address/port combination that is not used for any other virtual host."

mình cấu hình như sau
cấu hình file /etc/apache2/sites-available/default

<VirtualHost _default_:*>
DocumentRoot /var/www
</VirtualHost> 


cấu hình file /etc/apache2/sites-available/mydomain.org.conf
<VirtualHost 172.16.200.254:80>
SuexecUserGroup "#1001" "#1003"
ServerName mydomain.org
ServerAlias www.mydomain.org
ServerAlias webmail.mydomain.org
ServerAlias admin.mydomain.org
DocumentRoot /home/mydomain/public_html/forums
ErrorLog /var/log/virtualmin/mydomain.org_error_log
CustomLog /var/log/virtualmin/mydomain.org_access_log combined
ScriptAlias /cgi-bin/ /home/mydomain/cgi-bin/
DirectoryIndex index.html index.htm index.php index.php4 index.php5
<Directory /home/mydomain/public_html/forums>
Options -Indexes IncludesNOEXEC FollowSymLinks
allow from all
AllowOverride All
</Directory>
<Directory /home/mydomain/cgi-bin>
allow from all
</Directory>
RewriteEngine on
RewriteCond %{HTTP_HOST} =webmail.mydomain.org
RewriteRule ^(.*) http://mydomain.org:20000/ [R]
RewriteCond %{HTTP_HOST} =admin.mydomain.org
RewriteRule ^(.*) https://mydomain.org:10000/ [R]
</VirtualHost>  



file apache2.conf
#
# Based upon the NCSA server configuration files originally by Rob McCool.
#
# This is the main Apache server configuration file. It contains the
# configuration directives that give the server its instructions.
# See http://httpd.apache.org/docs/2.2/ for detailed information about
# the directives.
#
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
#
# The configuration directives are grouped into three basic sections:
# 1. Directives that control the operation of the Apache server process as a
# whole (the 'global environment').
# 2. Directives that define the parameters of the 'main' or 'default' server,
# which responds to requests that aren't handled by a virtual host.
# These directives also provide default values for the settings
# of all virtual hosts.
# 3. Settings for virtual hosts, which allow Web requests to be sent to
# different IP addresses or hostnames and have them handled by the
# same Apache server process.
#
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path. If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "/var/log/apache2/foo.log"
# with ServerRoot set to "" will be interpreted by the
# server as "//var/log/apache2/foo.log".
#

### Section 1: Global Environment
#
# The directives in this section affect the overall operation of Apache,
# such as the number of concurrent requests it can handle or where it
# can find its configuration files.
#

#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE! If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the LockFile documentation (available
# at <URL:http://httpd.apache.org/docs-2.1/mod/mpm_common.html#lockfile>smilie;
# you will save yourself a lot of trouble.
#
# Do NOT add a slash at the end of the directory path.
#
ServerRoot "/etc/apache2"

#
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#
#<IfModule !mpm_winnt.c>
#<IfModule !mpm_netware.c>
LockFile /var/lock/apache2/accept.lock
#</IfModule>
#</IfModule>

#
# PidFile: The file in which the server should record its process
# identification number when it starts.
# This needs to be set in /etc/apache2/envvars
#
PidFile ${APACHE_PID_FILE}

#
# Timeout: The number of seconds before receives and sends time out.
#
TimeOut 300

#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive on

#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100

#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 15

##
## Server-Pool Size Regulation (MPM specific)
##

# prefork MPM
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# MaxClients: maximum number of server processes allowed to start
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_prefork_module>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 0
</IfModule>

# worker MPM
# StartServers: initial number of server processes to start
# MaxClients: maximum number of simultaneous client connections
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_worker_module>
StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>

# These need to be set in /etc/apache2/envvars
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}

#
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
#

AccessFileName .htaccess

#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>

#
# DefaultType is the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value. If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
#
DefaultType text/plain


#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off

# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog /home/logs/apache2error.log

#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
LogLevel warn

# Include module configuration:
Include /etc/apache2/mods-enabled/*.load
Include /etc/apache2/mods-enabled/*.conf

# Include all the user configurations:
Include /etc/apache2/httpd.conf

# Include ports listing
Include /etc/apache2/ports.conf

#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
# If you are behind a reverse proxy, you might want to change %h into %{X-Forwarded-For}i
#
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

#
# Define an access log for VirtualHosts that don't define their own logfile
CustomLog /home/logs/other_vhosts_access.log "vhost_combined"

#
# Customizable error responses come in three flavors:
# 1) plain text 2) local wwwects 3) external wwwects
#
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
#

#
# Putting this all together, we can internationalize error responses.
#
# We use Alias to wwwect any /error/HTTP_<error>.html.var response to
# our collection of by-error message multi-language collections. We use
# includes to substitute the appropriate text.
#
# You can modify the messages' appearance without changing any of the
# default HTTP_<error>.html.var files by adding the line:
#
# Alias /error/include/ "/your/include/path/"
#
# which allows you to create your own set of files by starting with the
# /usr/share/apache2/error/include/ files and copying them to /your/include/path/,
# even on a per-VirtualHost basis. The default include files will display
# your Apache version number and your ServerAdmin email address regardless
# of the setting of ServerSignature.
#
# The internationalized error documents require mod_alias, mod_include
# and mod_negotiation. To activate them, uncomment the following 30 lines.

# Alias /error/ "/usr/share/apache2/error/"
#
# <Directory "/usr/share/apache2/error">
# AllowOverride None
# Options IncludesNoExec
# AddOutputFilter Includes html
# AddHandler type-map var
# Order allow,deny
# Allow from all
# LanguagePriority en cs de es fr it nl sv pt-br ro
# ForceLanguagePriority Prefer Fallback
# </Directory>
#
# ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
# ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
# ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
# ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
# ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
# ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
# ErrorDocument 410 /error/HTTP_GONE.html.var
# ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
# ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
# ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
# ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
# ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
# ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
# ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
# ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
# ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
# ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var



# Include of directories ignores editors' and dpkg's backup files,
# see README.Debian for details.

# Include generic snippets of statements
Include /etc/apache2/conf.d/

<IfModule mod_security2.c>
# Basic configuration options
SecRuleEngine On
SecRequestBodyAccess On
SecResponseBodyAccess Off

# Handling of file uploads
# TODO Choose a folder private to Apache.
# SecUploadDir /opt/apache-frontend/tmp/
SecUploadKeepFiles Off

# Debug log
SecDebugLog /var/log/apache2/modsec_debug.log
SecDebugLogLevel 0

# Serial audit log
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus ^5
SecAuditLogParts ABIFHZ
SecAuditLogType Serial
SecAuditLog /var/log/apache2/modsec_audit.log

# Maximum request body size we will
# accept for buffering
SecRequestBodyLimit 131072

# Store up to 128 KB in memory
SecRequestBodyInMemoryLimit 131072

# Buffer response bodies of up to
# 512 KB in length
SecResponseBodyLimit 524288

</IfModule>

# Include the virtual host configurations:
Include /etc/apache2/sites-enabled/
 

f


sau khi restart lại apache mình thấy khi truy cập đến server bằng bất kì hostname nào nó cũng chạy vào cái vhost duy nhất ở trên thay vì phải chuyển tới trang default.

Xin giúp giùm là phải kiểm tra việc này như thế nào.


Thanks very much

 
xin các bạn hỗ trợ giúp vấn đề sau:
mình chỉ tạo 1 virtual host duy nhất để chạy mydomain
và mặc định mình muốn những request tới các ip hay domain khác sẽ được truy cập mặc định vào /var/www

theo hướng dẫn từ trang apache

http://httpd.apache.org/docs/2.2/vhosts/examples.html

"Catching every request to any unspecified IP address and port, i.e., an address/port combination that is not used for any other virtual host."

mình cấu hình như sau

<VirtualHost _default_:*>
DocumentRoot /www/default
</VirtualHost>
sau khi restart lại apache mình thấy khi truy cập đến server bằng bất kì hostname nào nó cũng chạy vào cái vhost duy nhất ở trên thay vì phải chuyển tới trang default.

Xin giúp giùm là phải kiểm tra việc này như thế nào.


Thanks very much




Tôi đã hiểu được vấn đề, xin cám ơn bạn conmale đã hỗ trợ
Xin cám ơn và chúc bạn hạnh phúc.

conmale wrote:
Còn cái config nào không? Cho virtual hosts chẳng hạn? 

gửi anh phần file config cho virtual host có dạng mydomain.org, chỉ sử dụng 1 vhost này


<VirtualHost 172.16.200.254:80>
SuexecUserGroup "#1001" "#1003"
ServerName mydomain.org
ServerAlias www.mydomain.org
ServerAlias webmail.mydomain.org
ServerAlias admin.mydomain.org
DocumentRoot /home/mydomain/public_html/forums
ErrorLog /var/log/virtualmin/mydomain.org_error_log
CustomLog /var/log/virtualmin/mydomain.org_access_log combined
ScriptAlias /cgi-bin/ /home/mydomain/cgi-bin/
DirectoryIndex index.html index.htm index.php index.php4 index.php5
<Directory /home/mydomain/public_html/forums>
Options -Indexes IncludesNOEXEC FollowSymLinks
allow from all
AllowOverride All
</Directory>
<Directory /home/mydomain/cgi-bin>
allow from all
</Directory>
RewriteEngine on
RewriteCond %{HTTP_HOST} =webmail.mydomain.org
RewriteRule ^(.*) http://mydomain.org:20000/ [R]
RewriteCond %{HTTP_HOST} =admin.mydomain.org
RewriteRule ^(.*) https://mydomain.org:10000/ [R]
</VirtualHost>

pnco wrote:

Heaven Knows wrote:
Cám ơn bạn đã giải thích. Tôi xin hỏi thêm là toàn bộ file log sao ko ghi 1 công việc nào khác ngoài nội dung này? Do mình cấu hình cho việc này bị sót hay do nguyên nhân nào, xin cám ơn. 

Vậy sao bạn không gửi cấu hình lên? 

đây là file cấu hình của tôi, xin xem giúp
cám ơn rất nhiều

#
# Based upon the NCSA server configuration files originally by Rob McCool.
#
# This is the main Apache server configuration file. It contains the
# configuration directives that give the server its instructions.
# See http://httpd.apache.org/docs/2.2/ for detailed information about
# the directives.
#
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
#
# The configuration directives are grouped into three basic sections:
# 1. Directives that control the operation of the Apache server process as a
# whole (the 'global environment').
# 2. Directives that define the parameters of the 'main' or 'default' server,
# which responds to requests that aren't handled by a virtual host.
# These directives also provide default values for the settings
# of all virtual hosts.
# 3. Settings for virtual hosts, which allow Web requests to be sent to
# different IP addresses or hostnames and have them handled by the
# same Apache server process.
#
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path. If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "/var/log/apache2/foo.log"
# with ServerRoot set to "" will be interpreted by the
# server as "//var/log/apache2/foo.log".
#

### Section 1: Global Environment
#
# The directives in this section affect the overall operation of Apache,
# such as the number of concurrent requests it can handle or where it
# can find its configuration files.
#

#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE! If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the LockFile documentation (available
# at <URL:http://httpd.apache.org/docs-2.1/mod/mpm_common.html#lockfile>smilie;
# you will save yourself a lot of trouble.
#
# Do NOT add a slash at the end of the directory path.
#
ServerRoot "/etc/apache2"

#
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#
#<IfModule !mpm_winnt.c>
#<IfModule !mpm_netware.c>
LockFile /var/lock/apache2/accept.lock
#</IfModule>
#</IfModule>

#
# PidFile: The file in which the server should record its process
# identification number when it starts.
# This needs to be set in /etc/apache2/envvars
#
PidFile ${APACHE_PID_FILE}

#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300

#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On

#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100

#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 15

##
## Server-Pool Size Regulation (MPM specific)
##

# prefork MPM
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# MaxClients: maximum number of server processes allowed to start
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_prefork_module>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 0
</IfModule>

# worker MPM
# StartServers: initial number of server processes to start
# MaxClients: maximum number of simultaneous client connections
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_worker_module>
StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>

# These need to be set in /etc/apache2/envvars
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}

#
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
#

AccessFileName .htaccess

#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>

#
# DefaultType is the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value. If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
#
DefaultType text/plain


#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off

# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog /var/log/apache2/error.log

#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
LogLevel warn

# Include module configuration:
Include /etc/apache2/mods-enabled/*.load
Include /etc/apache2/mods-enabled/*.conf

# Include all the user configurations:
Include /etc/apache2/httpd.conf

# Include ports listing
Include /etc/apache2/ports.conf

#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
# If you are behind a reverse proxy, you might want to change %h into %{X-Forwarded-For}i
#
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

#
# Define an access log for VirtualHosts that don't define their own logfile
CustomLog /var/log/apache2/other_vhosts_access.log vhost_combined

#
# Customizable error responses come in three flavors:
# 1) plain text 2) local wwwects 3) external wwwects
#
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
#

#
# Putting this all together, we can internationalize error responses.
#
# We use Alias to wwwect any /error/HTTP_<error>.html.var response to
# our collection of by-error message multi-language collections. We use
# includes to substitute the appropriate text.
#
# You can modify the messages' appearance without changing any of the
# default HTTP_<error>.html.var files by adding the line:
#
# Alias /error/include/ "/your/include/path/"
#
# which allows you to create your own set of files by starting with the
# /usr/share/apache2/error/include/ files and copying them to /your/include/path/,
# even on a per-VirtualHost basis. The default include files will display
# your Apache version number and your ServerAdmin email address regardless
# of the setting of ServerSignature.
#
# The internationalized error documents require mod_alias, mod_include
# and mod_negotiation. To activate them, uncomment the following 30 lines.

# Alias /error/ "/usr/share/apache2/error/"
#
# <Directory "/usr/share/apache2/error">
# AllowOverride None
# Options IncludesNoExec
# AddOutputFilter Includes html
# AddHandler type-map var
# Order allow,deny
# Allow from all
# LanguagePriority en cs de es fr it nl sv pt-br ro
# ForceLanguagePriority Prefer Fallback
# </Directory>
#
# ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
# ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
# ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
# ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
# ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
# ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
# ErrorDocument 410 /error/HTTP_GONE.html.var
# ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
# ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
# ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
# ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
# ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
# ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
# ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
# ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
# ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
# ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var



# Include of directories ignores editors' and dpkg's backup files,
# see README.Debian for details.

# Include generic snippets of statements
Include /etc/apache2/conf.d/

<IfModule mod_security2.c>
# Basic configuration options
SecRuleEngine On
SecRequestBodyAccess On
SecResponseBodyAccess Off

# Handling of file uploads
# TODO Choose a folder private to Apache.
# SecUploadDir /opt/apache-frontend/tmp/
SecUploadKeepFiles Off

# Debug log
SecDebugLog /var/log/apache2/modsec_debug.log
SecDebugLogLevel 0

# Serial audit log
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus ^5
SecAuditLogParts ABIFHZ
SecAuditLogType Serial
SecAuditLog /var/log/apache2/modsec_audit.log

# Maximum request body size we will
# accept for buffering
SecRequestBodyLimit 131072

# Store up to 128 KB in memory
SecRequestBodyInMemoryLimit 131072

# Buffer response bodies of up to
# 512 KB in length
SecResponseBodyLimit 524288

</IfModule>


# Include the virtual host configurations:
Include /etc/apache2/sites-enabled/
Cám ơn bạn đã giải thích. Tôi xin hỏi thêm là toàn bộ file log sao ko ghi 1 công việc nào khác ngoài nội dung này? Do mình cấu hình cho việc này bị sót hay do nguyên nhân nào, xin cám ơn.
Mình xin góp vài ý kiến như sau
Mạng nội bộ của các bộ phận ngăn cách với các sever như web, ftp, mail bằng 1 firewall, như vậy máy domain controller nằm ở đâu? nếu hệ thống client và server ngăn cách qua 1 firewall thì việc cấu hình cho domain controller- client rất phức tạp và nên xem lại tình hình cụ thể xem có thực sự cần thiết như vậy ko?
nếu ftp, mail publish ra internet thì nên đặt nó vào vùng dmz , các client -domain controller ..,thuộc vùng internal, như vậy chỉ dùng 1 firewall cho ngon lành là đủ. e-commerce server nên dùng các giao thức ssl để triển khai
Tôi xem log file apache thì thấy toàn bộ file access.log có nội dung như trích đoạn sau. Cho hỏi ý nghĩa của đoạn này là gì
Xin cám ơn

127.0.0.1 - - [16/Mar/2009:13:12:43 +0700] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.2.11 (Debian) PHP/5.2.6-1+lenny2 with Suhosin-Patch (internal dummy connection)"
127.0.0.1 - - [16/Mar/2009:13:12:44 +0700] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.2.11 (Debian) PHP/5.2.6-1+lenny2 with Suhosin-Patch (internal dummy connection)"
127.0.0.1 - - [16/Mar/2009:13:12:45 +0700] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.2.11 (Debian) PHP/5.2.6-1+lenny2 with Suhosin-Patch (internal dummy connection)"
127.0.0.1 - - [16/Mar/2009:13:12:46 +0700] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.2.11 (Debian) PHP/5.2.6-1+lenny2 with Suhosin-Patch (internal dummy connection)"
127.0.0.1 - - [16/Mar/2009:13:12:47 +0700] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.2.11 (Debian) PHP/5.2.6-1+lenny2 with Suhosin-Patch (internal dummy connection)"
127.0.0.1 - - [16/Mar/2009:13:12:48 +0700] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.2.11 (Debian) PHP/5.2.6-1+lenny2 with Suhosin-Patch (internal dummy connection)"
127.0.0.1 - - [16/Mar/2009:13:12:49 +0700] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.2.11 (Debian) PHP/5.2.6-1+lenny2 with Suhosin-Patch (internal dummy connection)"
127.0.0.1 - - [16/Mar/2009:13:12:50 +0700] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.2.11 (Debian) PHP/5.2.6-1+lenny2 with Suhosin-Patch (internal dummy connection)"
127.0.0.1 - - [16/Mar/2009:13:12:51 +0700] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.2.11 (Debian) PHP/5.2.6-1+lenny2 with Suhosin-Patch (internal dummy connection)"
127.0.0.1 - - [16/Mar/2009:13:12:52 +0700] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.2.11 (Debian) PHP/5.2.6-1+lenny2 with Suhosin-Patch (internal dummy connection)"
127.0.0.1 - - [16/Mar/2009:13:12:53 +0700] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.2.11 (Debian) PHP/5.2.6-1+lenny2 with Suhosin-Patch (internal dummy connection)"
127.0.0.1 - - [16/Mar/2009:13:12:54 +0700] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.2.11 (Debian) PHP/5.2.6-1+lenny2 with Suhosin-Patch (internal dummy connection)"
127.0.0.1 - - [16/Mar/2009:13:12:55 +0700] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.2.11 (Debian) PHP/5.2.6-1+lenny2 with Suhosin-Patch (internal dummy connection)" 
có 1 command line để ghi lại master boot record "fdisk /mbr" tôi nghĩ command line này sẽ fix được lỗi khi virus attack vào MBR làm cho việc cài lại máy hay sử dụng deep freeze vẫn bị dính
Tôi thấy mr conmale nói cũng có lý vì tất cả mọi việc nếu dính dáng tới pháp luật thì rất rắc rối.
Mọi việc trên mạng đều có thể fake. DÙ thấy được việc kiểm tra bảo mật là rất cần nhưng tôi cũng cùng ý kiến như mr conmale. Dù sao cũng mong HVA sớm tìm ra giải pháp tốt cho vấn đề này.
 

Powered by JForum - Extended by HVAOnline
 hvaonline.net  |  hvaforum.net  |  hvazone.net  |  hvanews.net  |  vnhacker.org
1999 - 2013 © v2012|0504|218|