`
jiaoronggui
  • 浏览: 1331757 次
  • 性别: Icon_minigender_1
  • 来自: 合肥
博客专栏
B7c2eb31-a8ea-3973-a517-d00141f39b89
项目管理软件-redmin...
浏览量:116533
4a63e153-250f-30f6-a051-97cfc67cb3d3
IT职业规划
浏览量:199508
社区版块
存档分类
最新评论

apache httpd.conf 中SetEnvIf and SetEnvIfNoCase Examples

阅读更多

Htaccess SetEnvIf and SetEnvIfNoCase Examples

SetEnvIf and SetEnvIfNoCase are really useful directives supplied by the mod_setenvif module that allow you to conditionally set environment variables accessible by scripts and apache based on the value of HTTP Headers, Other Variables, and Request information.

For debugging, you may want to use my server environment variable debugging script

Unique mod_setenvif Variables

These can be used for attribute .

Remote_Host
the hostname (if available) of the client making the request - crawl-66-249-70-24.googlebot.com
Remote_Addr
IP address of the client making the request - 66.249.70.24
Server_Addr
IP address of the server on which the request was received - 208.113.183.103
Request_Method
name of the method being used - GET
Request_Protocol
name and version of the protocol with which the request was made - HTTP/1.1
Request_URI
the resource requested on the HTTP request line -- generally the portion of the URL following the scheme and host portion without the query string - /robots.txt

Syntax:

SetEnvIf attribute regex [!]env-variable[=value] [[!]env-variable[=value]] ...

Populates HTTP_MY_ Variables with mod_setenvif variable values

SetEnvIfNoCase Remote_Host "(.*)" HTTP_MY_REMOTE_HOST=$1
SetEnvIfNoCase Remote_Addr "(.*)" HTTP_MY_REMOTE_ADDR=$1
SetEnvIfNoCase Server_Addr "(.*)" HTTP_MY_SERVER_ADDR=$1
SetEnvIfNoCase Request_Method "(.*)" HTTP_MY_REQUEST_METHOD=$1
SetEnvIfNoCase Request_Protocol "(.*)" HTTP_MY_REQUEST_PROTOCOL=$1
SetEnvIfNoCase Request_URI "(.*)" HTTP_MY_REQUEST_URI=$1

Set REMOTE_HOST to HTTP_HOST

Sets REMOTE_HOST to www.askapache.com if Remote_Addr=208.113.183.103. This can be useful if your server doesn't automatically do a reverse lookup on a remote address, so this way you can tell if the request was internal/from your server.

SetEnvIf Remote_Addr 208\.113\.183\.103 REMOTE_HOST=www.askapache.com

Allows only if HOST Header is present in request

SetEnvIfNoCase ^HOST$ .+ HTTP_MY_HAS_HOST
Order Deny,Allow
Deny from All
Allow from env=HTTP_MY_HAS_HOST

or

SetEnvIfNoCase Host .+ HTTP_MY_HAS_HOST
Order Deny,Allow
Deny from All
Allow from env=HTTP_MY_HAS_HOST

Add values from HTTP Headers

SetEnvIfNoCase ^If-Modified-Since$ "(.+)" HTTP_IF_MODIFIED_SINCE=$1
SetEnvIfNoCase ^If-None-Match$ "(.+)" HTTP_IF_NONE_MATCH=$1
SetEnvIfNoCase ^Cache-Control$ "(.+)" HTTP_CACHE_CONTROL=$1
SetEnvIfNoCase ^Connection$ "(.+)" HTTP_CONNECTION=$1
SetEnvIfNoCase ^Keep-Alive$ "(.+)" HTTP_KEEP_ALIVE=$1
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
SetEnvIfNoCase ^Cookie$ "(.+)" HTTP_MY_COOKIE=$1

Set the REDIRECT_STATUS for Interpreter Security

This is useful in disallowing direct access to interpreters like shell scripts, cgi scripts, and other interpreters. Only works this way if you have a static IP for your server. So the only way to access these files is by instructing the server itself to request the file, using an Action directive or by requesting the file through a .php or other script using curl or wget, or something like fsockopen.

<filesMatch "\.(cgi|sh|pl)$">
SetEnvIfNoCase Remote_Addr 208\.113\.183\.103 REDIRECT_STATUS
 
Order Deny,Allow
Deny from All
Allow from env=REDIRECT_STATUS
</filesMatch>

Block Bad Bots

Can be useful if your site is getting hammered by spambots. Some nice examples from around the net are at Fight Blog Spam With Apache ... Keep in mind the HTTP_USER_AGENT is directly from the client, so its easy to spoof / change. Instead use mod_security for a much better solution.

SetEnvIfNoCase User-Agent "^Bandit" bad_bot
SetEnvIfNoCase User-Agent "^Baiduspider" bad_bot
SetEnvIfNoCase User-Agent "^BatchFTP" bad_bot
SetEnvIfNoCase User-Agent "^Bigfoot" bad_bot
SetEnvIfNoCase User-Agent "^Black.Hole" bad_bot
 
Order Allow,Deny
Allow from All
Deny from env=bad_bot

Allow Search robots

This does the opposite of above, allowing ONLY these web robots access. Other than rogue robots, configuring your robots.txt file correctly will keep most robots where you want them.

SetEnvIfNoCase User-Agent .*google.* search_robot
SetEnvIfNoCase User-Agent .*yahoo.* search_robot
SetEnvIfNoCase User-Agent .*bot.* search_robot
SetEnvIfNoCase User-Agent .*ask.* search_robot
 
Order Deny,Allow
Deny from All
Allow from env=search_robot

SetEnvIf Directive

Description:Syntax:Context:Override:Status:Module:
Sets environment variables based on attributes of the request
SetEnvIf attribute regex [!]env-variable[=value] [[!]env-variable[=value]] ...
server config, virtual host, directory, .htaccess
FileInfo
Base
mod_setenvif

The SetEnvIf directive defines environment variables based on attributes of the request. The attribute specified in the first argument can be one of three things:

  1. An HTTP request header field (see RFC2616 for more information about these); for example: Host , User-Agent , Referer , and Accept-Language . A regular expression may be used to specify a set of request headers.
  2. One of the following aspects of the request:
    • Remote_Host - the hostname (if available) of the client making the request
    • Remote_Addr - the IP address of the client making the request
    • Server_Addr - the IP address of the server on which the request was received (only with versions later than 2.0.43)
    • Request_Method - the name of the method being used (GET , POST , et cetera)
    • Request_Protocol - the name and version of the protocol with which the request was made (e.g., "HTTP/0.9", "HTTP/1.1", etc.)
    • Request_URI - the resource requested on the HTTP request line -- generally the portion of the URL following the scheme and host portion without the query string. See the RewriteCond directive of mod_rewrite for extra information on how to match your query string.
  3. The name of an environment variable in the list of those associated with the request. This allows SetEnvIf directives to test against the result of prior matches. Only those environment variables defined by earlier SetEnvIf[NoCase] directives are available for testing in this manner. 'Earlier' means that they were defined at a broader scope (such as server-wide) or previously in the current directive's scope. Environment variables will be considered only if there was no match among request characteristics and a regular expression was not used for the attribute.

The second argument (regex) is a regular expression. If the regex matches against the attribute, then the remainder of the arguments are evaluated.

The rest of the arguments give the names of variables to set, and optionally values to which they should be set. These take the form of

  1. varname
  2. !varname
  3. varname=value

In the first form, the value will be set to "1". The second will remove the given variable if already defined, and the third will set the variable to the literal value given by value . Since version 2.0.51 Apache will recognize occurrences of $1 ..$9 within value and replace them by parenthesized subexpressions of regex .

SetEnvIf Example:

SetEnvIf Request_URI "\.gif$" object_is_image=gif
SetEnvIf Request_URI "\.jpg$" object_is_image=jpg
SetEnvIf Request_URI "\.xbm$" object_is_image=xbm
SetEnvIf Referer www\.askapache\.com intra_site_referral
SetEnvIf object_is_image xbm XBIT_PROCESSING=1
SetEnvIf ^SETENVIF*  ^[a-z].*  HAS_SETENVIF

The first three will set the environment variable object_is_image if the request was for an image file, and the fourth sets intra_site_referral if the referring page was somewhere on the www.askapache.com Web site.

The last example will set environment variable HAS_SETENVIF if the request contains any headers that begin with "SETENVIF" whose values begins with any character in the set [a-z].


htaccess Guide Sections

 

from:http://www.askapache.com/htaccess/setenvif.html

分享到:
评论

相关推荐

    apache httpd.conf中文 apache优化

    apache httpd.conf中文 apache优化

    Apache的httpd.conf文件常用指令解释

    了解并熟练掌握httpd.conf文件中的常用指令对于管理和优化Apache服务器至关重要。以下是一些主要的指令及其解释: 1. **ServerRoot**: 这个指令指定Apache服务器的根目录,即包含所有配置文件、模块和日志文件的...

    Apache 的 httpd.conf 详解

    ### Apache的httpd.conf配置详解 #### 一、概述 `httpd.conf` 是Apache Web服务器的核心配置文件,它控制着服务器的行为与功能。通过合理地配置这些参数,可以极大地提高服务器的安全性、性能和可扩展性。下面将对...

    Apache2 httpd.conf 中文版

    根据给定的文件标题、描述、标签以及部分内容,本文将详细介绍Apache2的`httpd.conf`配置文件中的关键知识点。 ### Apache2 httpd.conf 文件概述 `httpd.conf`是Apache HTTP服务器的主要配置文件,它控制着服务器...

    apache2配置文件httpd.conf

    apache2配置文件httpd.conf

    Apache的httpd.conf文件配置

    ### Apache的httpd.conf文件配置详解 #### 一、引言 `httpd.conf`是Apache Web服务器的核心配置文件,它决定了服务器的行为、性能及功能。对于系统管理员来说,掌握如何正确配置`httpd.conf`至关重要。本文将详细...

    httpd.conf中文.txt

    根据提供的文件信息,我们可以深入解析`httpd.conf`配置文件中的关键设置与参数。这份文档主要涉及Apache服务器的配置选项,对于理解如何调整和优化Apache服务具有重要意义。 ### ServerRoot `ServerRoot`用于指定...

    Notepad++ 自定义 httpd.conf 文件语法高亮的配置文件

    Notepad++ 自定义 httpd.conf 文件语法高亮的配置文件 使用方法: http://blog.csdn.net/zhyl8157121/article/details/51320819

    httpd.conf文件配置详解

    本文将深入解析 `httpd.conf` 中的关键配置项,并解释它们的功能与作用。 #### 二、主要配置部分 `httpd.conf` 主要分为三个部分: 1. **全局环境配置 (Global Environment)** 2. **主服务器配置 ('Main' server ...

    httpd.conf

    django整合后的apache httpd.conf

    Apache2_httpd.conf配置文件中文版详解2

    Apache2 httpd.conf配置文件中文版详解 # 基于 NCSA 服务的配置文件。

    httpd.conf配置文件

    通过以上详细介绍,我们可以看到 `httpd.conf` 配置文件中的各项参数是如何定义和影响 Apache 服务器的行为与特性的。正确配置这些参数对于实现高效的 Web 服务至关重要。希望本文能为初学者提供一定的帮助,并为...

    httpd.conf &php.ini

    httpd.conf是Apache服务器的主要配置文件,它定义了服务器的行为、监听端口、虚拟主机、文档根目录、日志文件位置等核心参数。以下是一些关键配置项的解释: 1. **ServerRoot**: 指定Apache安装的根目录,通常设置...

    apache的httpd.conf文件配置详解

    这个文件位于Apache软件安装的根目录下,通常命名为httpd.conf或apache2.conf,根据不同的操作系统和安装方法可能会有所不同。配置文件的修改直接影响到服务器的运行方式和性能。 1. **基本配置** - `ServerRoot`...

    apche httpd.conf

    apche httpd.conf找不到,就直接下载使用在这个文件,httpd.conf 配置文件

    httpd.conf中文版

    httpd.conf的中文版本,英文不好的朋友可以参考

Global site tag (gtag.js) - Google Analytics