由 likun 在 05-19-2003 20:03 发表:

看看这个Apache的配置问题

运行./httpd configtest后提示:

Syntax error on line 101 of /etc/httpd/conf/access.conf:

Invalid command 'PerlHandler', perhaps mis-spelled or defined by a module not included in the server configuration

access.conf 如下

access.conf -- Apache HTTP server configuration file

access.conf: Global access configuration

Online docs at http://www.apache.org/

This file defines server settings which affect which types of services

are allowed, and in what circumstances.

Each directory to which Apache has access, can be configured with respect

to which services and features are allowed and/or disabled in that

directory (and its subdirectories).

Originally by Rob McCool

First, we configure the "default" to be a very restrictive set of

permissions.

1<directory></directory>

Options FollowSymLinks

AllowOverride None

Note that from this point forward you must specifically allow

particular features to be enabled - so if something's not working as

you might expect, make sure that you have specifically enabled it

below.

This should be changed to whatever you set DocumentRoot to.

 1<directory "="" html"="" var="" www="">   
 2  
 3Options Indexes FollowSymLinks   
 4  
 5AllowOverride AuthConfig   
 6  
 7order deny,allow   
 8  
 9allow from 202.96.144.83   
10  
11deny from all   
12  
13</directory>

should be changed to whatever your ScriptAliased

CGI directory exists, if you have that configured.

ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"

 1<directory "="" cgi-bin"="" var="" www="">   
 2  
 3Options ExecCGI   
 4  
 5AllowOverride AuthConfig   
 6  
 7order deny,allow   
 8  
 9allow from 202.96.144   
10  
11deny from all   
12  
13</directory>

Allow server status reports, with the URL of http://servername/server-status

Change the ".your_domain.com" to match your domain to enable.

 1<location server-status="">   
 2  
 3#SetHandler server-status   
 4  
 5  
 6  
 7#order deny,allow   
 8  
 9#deny from all   
10  
11#allow from .your_domain.com   
12  
13#</location>

Allow remote server configuration reports, with the URL of

http://servername/server-info (requires that mod_info.c be loaded).

Change the ".your_domain.com" to match your domain to enable.

 1<location server-info="">   
 2  
 3#SetHandler server-info   
 4  
 5  
 6  
 7#order deny,allow   
 8  
 9#deny from all   
10  
11#allow from .your_domain.com   
12  
13#</location>

There have been reports of people trying to abuse an old bug from pre-1.1

days. This bug involved a CGI script distributed as a part of Apache.

By uncommenting these lines you can redirect these attacks to a logging

看看这个Apache的配置问题

access.conf -- Apache HTTP server configuration file

access.conf: Global access configuration

Online docs at http://www.apache.org/

This file defines server settings which affect which types of services

are allowed, and in what circumstances.

Each directory to which Apache has access, can be configured with respect

to which services and features are allowed and/or disabled in that

directory (and its subdirectories).

Originally by Rob McCool

First, we configure the "default" to be a very restrictive set of

permissions.

Note that from this point forward you must specifically allow

particular features to be enabled - so if something's not working as

you might expect, make sure that you have specifically enabled it

below.

This should be changed to whatever you set DocumentRoot to.

should be changed to whatever your ScriptAliased

CGI directory exists, if you have that configured.

Allow server status reports, with the URL of http://servername/server-status

Change the ".your_domain.com" to match your domain to enable.

Allow remote server configuration reports, with the URL of

http://servername/server-info (requires that mod_info.c be loaded).

Change the ".your_domain.com" to match your domain to enable.

There have been reports of people trying to abuse an old bug from pre-1.1

days. This bug involved a CGI script distributed as a part of Apache.

By uncommenting these lines you can redirect these attacks to a logging

script on