apache_conf,Code片段,代码实例,代码示例,代码片段库

apache_conf （WP）HTTPSへリダイレクト处理

.htaccess

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
</IfModule>

apache_conf 基本认证

current_directory.phpをhtpasswd的と同阶层に格纳しルートからのパスを调べ的AuthUserFileに记载

.htpasswd

common:71zF90b6Dp8/E

current_directory.php

<?php

// カレントディレクトリ
echo getcwd() . "\n";

?>

.htaccess

<Files ~ "^\.(htaccess|htpasswd)$">
deny from all
</Files>
Options -Indexes
AuthUserFile /home/5co/5co.jp/public_html/altweb/t-group/.htpasswd

AuthGroupFile /dev/null
AuthName "Please enter your ID and password"
AuthType Basic
require valid-user
order deny,allow

apache_conf 配置地图

配置地图

configurationFiles-configmap.yaml

apiVersion: v1
kind: ConfigMap
metadata:
  name: {{ template "spring-demo.fullname" . }}-env
data:
  SPRING_PROFILE: {{ .Values.spring.profile }}
  MYSQL_USERNAME: {{ .Values.mysql.mysqlUser }}
  MYSQL_DATA_SOURCE: jdbc:mysql://{{ .Release.Name }}-mysql.{{ .Release.Namespace }}.svc.cluster.local:3306/{{ .Values.mysql.mysqlDatabase }}

apache_conf 使用这些.htaccess添加更安全的WordPress

Sourche»https://gist.github.com/Zodiac1978/d25a8f3aebba7cd1c01c

htaccess

# Don't show errors which contain full path diclosure (FPD)
# Use that line only if PHP is installed as a module and not per CGI
# try using a php.ini in that case.
# Change mod_php5.c to mod_php7.c if you are running PHP7
<IfModule mod_php5.c>
  php_flag display_errors Off
</IfModule>

# Don't list directories
<IfModule mod_autoindex.c>
  Options -Indexes
</IfModule>

# Protect XMLRPC (needed for Apps, Offline-Blogging-Tools, Pingback, etc.)
# If you use that, these tools will not work anymore
<Files xmlrpc.php>
  Order Deny,Allow
  Deny from all
</Files>

# If you don't use the Database Optimizing and Post-by-Email features, turn off the access too:
<FilesMatch "(repair|wp-mail)\.php">
    Order Deny,Allow
    Deny from all
</FilesMatch>

# Prevent browser and search engines to request .log (e.g. WP DEBUG LOG) and .txt (e.g. plugins readme) files. 
# Must be placed in /wp-content/.htaccess
<FilesMatch "\.(log|txt)$">
    Order Allow,Deny
    Deny from all
</FilesMatch>

# Hide WordPress, system & sensitive files
<FilesMatch "(^\.|wp-config(-sample)*\.php)">
    Order Deny,Allow
    Deny from all
</FilesMatch>

# Protect some other files
<FilesMatch "(liesmich.html|readme.html|(.*)\.ttf|(.*)\.bak)">
  Order Deny,Allow
  Deny from all
</FilesMatch>

# Block the include-only files.
# Do not use in Multisite without reading the note in Codex!
# See: https://codex.wordpress.org/Hardening_WordPress#WP-Includes
<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteBase /
  RewriteRule ^wp-admin/includes/ - [F,L]
  RewriteRule !^wp-includes/ - [S=3]
  # If you run multisite, comment the next line (see note above)
  RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
  RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
  RewriteRule ^wp-includes/theme-compat/ - [F,L]
</IfModule>

# Set some security related headers
# See: http://de.slideshare.net/walterebert/die-htaccessrichtignutzenwchh2014 (GERMAN)
<IfModule mod_headers.c>
  Header set X-Content-Type-Options nosniff 
  Header set X-XSS-Protection "1; mode=block" 
  # The line below is an advanced method for a more secure configuration, please see documentation before usage!
  # Introduction: https://scotthelme.co.uk/content-security-policy-an-introduction/
  # http://www.heise.de/security/artikel/XSS-Bremse-Content-Security-Policy-1888522.html (German)
  # Documentation: https://content-security-policy.com/
  # Analysis: https://securityheaders.io/
  # Header set Content-Security-Policy "default-src 'self'; img-src 'self' http: https: *.gravatar.com;"
</IfModule>

# Allow WordPress Embed
# https://gist.github.com/sergejmueller/3c4351ec29576fb441fe
<IfModule mod_setenvif.c>
    SetEnvIf Request_URI "/embed/$" IS_embed
    <IfModule mod_headers.c>
    	Header set X-Frame-Options SAMEORIGIN env=!REDIRECT_IS_embed
    </IfModule>
</IfModule>

#Force secure cookies (uncomment for HTTPS)
<IfModule mod_headers.c>
  #Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure
</IfModule>

#Unset headers revealing versions strings
<IfModule mod_headers.c>
  Header unset X-Powered-By
  Header unset X-Pingback
  Header unset SERVER
</IfModule>

# Filter Request Methods
# See: https://perishablepress.com/disable-trace-and-track-for-better-security/
<IfModule mod_rewrite.c>
  RewriteEngine on
  RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK) [NC]
  RewriteRule ^(.*)$ - [F,L]
</IfModule>

apache_conf 重定向查询字符串

保存自https://perishablepress.com/redirect-query-string-htaccess/

query.htaccess

# Redirect Query String
<IfModule mod_rewrite.c>
	RewriteCond %{REQUEST_URI} ^/specific/url/
	RewriteCond %{QUERY_STRING} key=value
	RewriteRule (.*) /path/ [R=301,L]
</IfModule>

apache_conf 更改最长执行时间

使用htaccess更改apache的最大执行时间

.htaccess

php_value max_execution_time [seconds]
php_value max_input_time [seconds]

apache_conf 将HTTP重定向到HTTP

使用htaccess将http重定向到http

.htaccess

RewriteEngine On 
RewriteCond %{HTTPS} on 
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

apache_conf 更改最大上传大小

使用htaccess更改apache中的最大上载大小

.htaccess

php_value upload_max_filesize [ZISE]M 
php_value post_max_size [ZISE]M

apache_conf 在VS Code #vscode中搜索

在VS Code #vscode中搜索

config

Configure search in VS Code to ignore .gitignore


In settings `cmd+,` add: 

	"search.useIgnoreFiles": false
    
    
ref: https://github.com/Microsoft/vscode/issues/40918#issuecomment-354364937

apache_conf 301将域变体重定向到SSL URL

＃301将所有域变体重定向到https：//www.* - http：// * - www。* - http：//www.* - https：// * - * 不要与任何CMS一起使用，例如。 Wordpress因为它可能会导致问题。

.htaccess

# Redirects all domain variants to https://
RewriteCond %{HTTP_HOST} !^www\. [NC,OR]
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://www.%1%{REQUEST_URI} [L,R=301,NE]