{"id":36340,"date":"2023-09-09T20:54:18","date_gmt":"2023-11-17T14:00:38","guid":{"rendered":"https:\/\/www.silicloud.com\/zh\/blog\/apache%e5%ae%89%e5%85%a8%e9%85%8d%e7%bd%ae\/"},"modified":"2024-05-03T22:57:39","modified_gmt":"2024-05-03T14:57:39","slug":"apache%e5%ae%89%e5%85%a8%e9%85%8d%e7%bd%ae","status":"publish","type":"post","link":"https:\/\/www.silicloud.com\/zh\/blog\/apache%e5%ae%89%e5%85%a8%e9%85%8d%e7%bd%ae\/","title":{"rendered":"Apache\u5b89\u5168\u914d\u7f6e"},"content":{"rendered":"

\u7efc\u8ff0<\/h1>\n

\u603b\u7ed3\u4e86\u53ef\u4ee5\u5728Apache\u914d\u7f6e\u4e2d\u901a\u7528\u7684\u5b89\u5168\u8bbe\u7f6e\u53ca\u5176\u5404\u4e2a\u9879\u76ee\u3002<\/p>\n

\u8bbe\u5b9a\u793a\u4f8b\u3002<\/h2>\n

\u5fc5\u987b\u8bbe\u7f6e<\/h3>\n
cat << _EOF_ > \/etc\/httpd\/conf.d\/security.conf\r\n# \u30d0\u30fc\u30b8\u30e7\u30f3\u60c5\u5831\u306e\u96a0\u853d<\/span>\r\nServerTokens<\/span> Prod \r\nHeader<\/span> unset<\/span> \"X-Powered-By\"\r\n# httpoxy \u5bfe\u7b56<\/span>\r\nRequestHeader<\/span> unset<\/span> Proxy<\/span>\r\n# \u30af\u30ea\u30c3\u30af\u30b8\u30e3\u30c3\u30ad\u30f3\u30b0\u5bfe\u7b56<\/span>\r\nHeader<\/span> append<\/span> X-Frame-Options SAMEORIGIN\r\n# XSS\u5bfe\u7b56<\/span>\r\nHeader<\/span> set<\/span> X-XSS-Protection \"1; mode=block\"\r\nHeader<\/span> set<\/span> X-Content-Type-Options nosniff\r\n# XST\u5bfe\u7b56<\/span>\r\nTraceEnable<\/span> Off<\/span>\r\n\r\n<<\/span>Directory<\/span> \/var\/www\/html<\/span>>\r\n<\/span>    # .htaccess \u306e\u6709\u52b9\u5316<\/span>\r\n    AllowOverride<\/span> All<\/span>\r\n    # \u30d5\u30a1\u30a4\u30eb\u4e00\u89a7\u51fa\u529b\u306e\u7981\u6b62<\/span>\r\n    Options<\/span> -Indexes\r\n    # Apache 2.2\u4ee5\u524d\u306e\u5bfe\u7b56<\/span>\r\n    <<\/span>IfVersion<\/span> < 2.3<\/span>>\r\n<\/span>        # \u30d0\u30fc\u30b8\u30e7\u30f3\u60c5\u5831\u306e\u96a0\u853d<\/span>\r\n        ServerSignature<\/span> Off<\/span>\r\n        # ETag\u306einode\u60c5\u5831\u306e\u96a0\u853d<\/span>\r\n        FileETag<\/span> MTime<\/span> Size<\/span>\r\n    <\/<\/span>IfVersion<\/span>>\r\n<\/<\/span>Directory<\/span>>\r\n<\/span>\r\n<<\/span>Directory<\/span> \"\/var\/www\/cgi-bin\"<\/span>>\r\n<\/span>    <<\/span>IfVersion<\/span> < 2.3<\/span>>\r\n<\/span>        ServerSignature<\/span> Off<\/span>\r\n        FileETag<\/span> MTime<\/span> Size<\/span>\r\n    <\/<\/span>IfVersion<\/span>>\r\n<\/<\/span>Directory<\/span>>\r\n<\/span>_EOF_\r\n<\/code><\/pre>\n
cat<\/span> \/dev\/null ><\/span> \/etc\/httpd\/conf.d\/autoindex.conf ;<\/span>\r\ncat<\/span> \/dev\/null ><\/span> \/etc\/httpd\/conf.d\/welcome.conf ;<\/span>\r\n<\/code><\/pre>\n
\u8bf7\u6ce8\u610f\u8fd9\u4e9b\u4e8b\u9879<\/h4>\n
    \n
  • \n
      \u5916\u90e8\u30b5\u30a4\u30c8\u304b\u3089iframe\u3067\u547c\u3073\u51fa\u3057\u3067\u304d\u306a\u304f\u306a\u308b<\/ul>\n<\/li>\n<\/ul>\n
       <\/p>\n
        \n
      • \n
          Apache 2.2 \u306e\u5834\u5408 ServerSignature \u306f Directory \u30c7\u30a3\u30ec\u30af\u30c6\u30a3\u30d6\u5185\u3067\u6307\u5b9a\u3057\u306a\u3044\u3068\u4e0a\u66f8\u304d\u3055\u308c\u306a\u3044\u3002<\/ul>\n<\/li>\n<\/ul>\n
           <\/p>\n
            \n
          • \n
              \u73fe\u72b6\u306e\u4e0a\u8a18\u8a2d\u5b9a\u3067\u306f Apache 2.2 \u3067\u4ee5\u4e0b\u304c\u4e0a\u66f8\u304d\u3055\u308c\u306a\u3044<\/ul>\n<\/li>\n<\/ul>\n
              Options -Indexes
              \n<Directory “\/var\/www\/cgi-bin”><\/p>\n
              \u96a8\u610f\u8a2d\u5b9a<\/h3>\n
              cat << _EOF_ > \/etc\/httpd\/conf.d\/security-strict.conf\r\n# DoS \u653b\u6483\u5bfe\u7b56<\/span>\r\nLimitRequestBody<\/span> 10485760\r\nLimitRequestFields<\/span> 50\r\n# slowloris \u5bfe\u7b56<\/span>\r\nRequestReadTimeout<\/span> header=20-40,MinRate=500 body=20,MinRate=500\r\n\r\n# HTTP\u30e1\u30bd\u30c3\u30c9\u306e\u5236\u9650<\/span>\r\n<<\/span>Directory<\/span> \/var\/www\/html<\/span>>\r\n<\/span>    <<\/span>IfVersion<\/span> ><\/span> 2.4>\r\n        Require<\/span> method GET POST\r\n    <\/<\/span>IfVersion<\/span>>\r\n<\/span>    <<\/span>IfVersion<\/span> < 2.3<\/span>>\r\n<\/span>        <<\/span>Limit<\/span> GET POST<\/span>>\r\n<\/span>            Order<\/span> allow,deny\r\n            Allow<\/span> from<\/span> all<\/span>\r\n        <\/<\/span>Limit<\/span>>\r\n<\/span>        <<\/span>LimitExcept<\/span> GET POST<\/span>>\r\n<\/span>            Order<\/span> deny,allow\r\n            Deny<\/span> from<\/span> all<\/span>\r\n        <\/<\/span>LimitExcept<\/span>>\r\n<\/span>    <\/<\/span>IfVersion<\/span>>\r\n<\/<\/span>Directory<\/span>>\r\n<\/span>\r\n<<\/span>Directory<\/span> \"\/var\/www\/cgi-bin\"<\/span>>\r\n<\/span>    <<\/span>IfVersion<\/span> ><\/span> 2.4>\r\n        Require<\/span> all<\/span> denied\r\n    <\/<\/span>IfVersion<\/span>>\r\n<\/span>    <<\/span>IfVersion<\/span> < 2.3<\/span>>\r\n<\/span>        Order<\/span> allow,deny\r\n        Deny<\/span> from<\/span> all<\/span>\r\n    <\/<\/span>IfVersion<\/span>>\r\n<\/<\/span>Directory<\/span>>\r\n<\/span>_EOF_\r\n<\/code><\/pre>\n
              \u8bf7\u6ce8\u610f\u7684\u4e8b\u9879<\/h4>\n
                \n
              • \n
                  GET\/POST \u4ee5\u5916\u4f7f\u3048\u306a\u304f\u306a\u308b<\/ul>\n<\/li>\n<\/ul>\n
                   <\/p>\n
                    \n
                  • \n
                      cgi-bin \u304c\u4f7f\u3048\u306a\u304f\u306a\u308b<\/ul>\n<\/li>\n<\/ul>\n
                       <\/p>\n
                        \u73fe\u72b6\u306e\u4e0a\u8a18\u8a2d\u5b9a\u3067\u306f Apache 2.2 \u3067 <Directory “\/var\/www\/cgi-bin”> \u304c\u4e0a\u66f8\u304d\u3055\u308c\u306a\u3044<\/ul>\n
                        \u5e0c\u671b\u8bbe\u5b9a\u4e00\u4e2a\u73af\u5883<\/h2>\n
                        \u672c\u6587\u4e3b\u8981\u662f\u5173\u4e8e\u4f7f\u7528CentOS\u7684Yum\u5b89\u88c5Apache\u7684\u4fe1\u606f\uff0c\u5047\u8bbe\u8fdb\u884c\u9002\u5f53\u7684\u73af\u5883\u8c03\u6574\u3002\u76ee\u6807Apache\u7248\u672c\u4e3a\u5f53\u524d\u652f\u6301\u76842.4\u548c2.2.\u6709\u5173\u8be6\u7ec6\u4fe1\u606f\uff0c\u8bf7\u53c2\u8003Apache HTTP Server\u7684\u652f\u6301\u671f\u9650\u3002<\/p>\n
                        \u9ed8\u8ba4\u503c\u9a8c\u8bc1\u7684\u73af\u5883\u4fe1\u606f<\/h3>\n
                          \n
                        • \n
                            CentOS 7.2.1511 (CentOS-7-x86_64-Minimal-1511.iso)<\/ul>\n<\/li>\n<\/ul>\n
                             <\/p>\n
                              \n
                            • \n
                                Apache 2.4.6 (yum install httpd)<\/ul>\n<\/li>\n<\/ul>\n
                                 <\/p>\n
                                  PHP 5.4.16 (yum install php)<\/ul>\n
                                  \u653f\u7b56<\/h2>\n
                                    \n
                                  • \n
                                      Yum \u306b\u3088\u308b\u30d1\u30c3\u30b1\u30fc\u30b8\u7ba1\u7406<\/ul>\n<\/li>\n<\/ul>\n
                                      \u30bd\u30fc\u30b9\u304b\u3089\u30b3\u30f3\u30d1\u30a4\u30eb\uff1f\u305d\u3093\u306a\u3082\u306e\u30a6\u30c1\u306b\u306f\u306a\u3044\u3088\u3002<\/p>\n
                                      \u30c7\u30d5\u30a9\u30eb\u30c8\u306e\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u306b\u6975\u529b\u624b\u3092\u5165\u308c\u306a\u3044
                                      \n\u30b3\u30b9\u30c8\u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u512a\u5148<\/p>\n
                                      \u6210\u7acb\u306e\u53ef\u80fd\u6027\u304c\u4f4e\u3044\u8106\u5f31\u6027\u3078\u306e\u5bfe\u5fdc\u3067\u6c4e\u7528\u6027\u3084\u30b7\u30f3\u30d7\u30eb\u3055\u304c\u5931\u308f\u308c\u308b\u3088\u3046\u306a\u8a2d\u5b9a\u306f\u907f\u3051\u308b<\/p>\n
                                      \u8bbe\u5b9a\u9879\u76ee<\/h1>\n
                                      \u9690\u85cf\u60c5\u62a5<\/h2>\n
                                      \u5173\u4e8e\u9690\u85cf\u7248\u672c\u7b49\u4fe1\u606f\u7684\u8ba8\u8bba\uff0c\u5927\u81f4\u5b58\u5728\u4e0e\u5b89\u5168\u63aa\u65bd\u7684\u6709\u6548\u6027\u76f8\u5173\u7684\u4e89\u8bba\u3002<\/p>\n
                                      \u7248\u672c\u4fe1\u606f\uff08ServerTokens\uff09<\/h3>\n
                                      Server: Apache\/2.4.6 (CentOS) PHP\/5.4.16\r\n<\/code><\/pre>\n
                                      Apache 2.23 \/ 2.44\u7684ServerTokens\u6307\u4ee4\u7684\u9ed8\u8ba4\u503c\u90fd\u662fFull\uff0c\u56e0\u6b64\u5728HTTP\u5934\u4e2d\u4f1a\u8f93\u51faApache\u7684\u7248\u672c\u4fe1\u606f\u5982\u4e0a\u6240\u793a\u3002<\/p>\n
                                      ServerTokens<\/span> Prod\r\n<\/code><\/pre>\n
                                      \u901a\u8fc7\u5728 ServerTokens \u6307\u4ee4\u4e2d\u8bbe\u7f6e\u4e3a Prod \u6216 ProductOnly\uff0c\u53ef\u4ee5\u9690\u85cf Apache \u7684\u7248\u672c\u4fe1\u606f\uff0c\u5982\u4e0b\u6240\u793a\u3002<\/p>\n
                                      Server: Apache\r\n<\/code><\/pre>\n
                                      \u670d\u52a1\u5668\u7b7e\u540d<\/h3>\n
                                      Apache\/2.2.15 (CentOS) Server at 192.168.56.101 Port 80\r\n<\/code><\/pre>\n
                                      ServerSignature\u6307\u4ee4\u7528\u4e8e\u914d\u7f6e\u670d\u52a1\u5668\u5728\u751f\u6210\u6587\u6863\uff08\u9519\u8bef\u6d88\u606f\u3001mod_proxy\u4e2d\u7684FTP\u76ee\u5f55\u5217\u8868\u3001mod_info\u7684\u8f93\u51fa\u7b49\uff09\u7684\u6700\u540e\u4e00\u884c\u6dfb\u52a0\u4e0a\u8ff0\u8f93\u51fa\u3002<\/p>\n
                                      ServerSignature<\/span> Off<\/span>\r\n<\/code><\/pre>\n
                                      Apache 2.25 \/ 2.46 \u7684\u9ed8\u8ba4\u503c\u5747\u4e3a\u5173\u95ed\u72b6\u6001\uff0c\u4f46\u662f CentOS 6.x \u4e0a\u7684 Apache 2.2 \u6839\u636e\u53d1\u884c\u7248\u7684\u8bbe\u7f6e\u800c\u9ed8\u8ba4\u4e3a\u5f00\u542f\uff0c\u56e0\u6b64\u9700\u8981\u8fdb\u884c\u4fee\u6539\u3002<\/p>\n
                                      \u5982\u679c\u6ca1\u6709\u66f4\u6539 httpd.conf \u7684\u8bbe\u7f6e\uff0c\u90a3\u4e48\u5728 <Directory “\/var\/www\/html”> \u4e2d\u672a\u6307\u5b9a\u5219\u65e0\u6cd5\u5de5\u4f5c\u3002<\/p>\n
                                      \u7981\u7528TRACE\u65b9\u6cd5\uff08XST\u4fdd\u62a4\uff09<\/h3>\n
                                      TraceEnable<\/span> Off<\/span>\r\n<\/code><\/pre>\n
                                      \u5bf9\u4e8e\u7ed3\u5408\u4e86XSS\u548cTRACE\u65b9\u6cd5\u7684XST\uff08\u8de8\u7ad9\u8ddf\u8e2a\uff09\u653b\u51fb\u7684\u9632\u8303\u63aa\u65bd\u3002
                                      \n\u867d\u7136\u5b58\u5728\u6cc4\u6f0f\u57fa\u672c\u8ba4\u8bc1ID\u548c\u5bc6\u7801\u7b49\u7684\u5371\u9669\uff0c\u4f46\u653b\u51fb\u6210\u7acb\u6761\u4ef6\u53d7\u9650\u4e8e\u652f\u6301\u5df2\u7ec8\u6b62\u7684\u65e7\u64cd\u4f5c\u7cfb\u7edf\u7b49\u60c5\u51b5\uff0c\u4ec5\u9650\u4e8e\u7279\u5b9a\u60c5\u51b57 8\u3002
                                      \n\u53e6\u5916\uff0cTRACE\u65b9\u6cd5\u65e0\u6cd5\u901a\u8fc7\u6216\u6307\u4ee4\u52a0\u4ee5\u9650\u5236\u30029<\/p>\n
                                      \u5b9e\u4f53\u6807\u7b7e\uff08ETag\uff09<\/h3>\n
                                      \u7531\u4e8e\u8fc7\u53bb\u7684 Apache \u5728\u8f93\u51fa\u5230 HTTP \u5934\u4e2d\u7684 ETag \u4e2d\u5f3a\u5236\u4f7f\u7528 inode \u53f7\uff0c\u56e0\u6b64\u5b58\u5728\u4ece ETag \u5934\u83b7\u53d6\u6587\u4ef6 inode \u53f7\u7684\u98ce\u9669\u3002
                                      \n\u7136\u800c\uff0c\u7ecf\u9a8c\u8bc1\u548c\u8c03\u67e5\u53d1\u73b0\uff0c\u4ece Apache 2.4.0 \u5f00\u59cb\uff0cMTime Size \u6210\u4e3a\u9ed8\u8ba4\u7684\u503c\uff0c\u56e0\u6b64\u5728 2.4 \u7cfb\u5217\u4e2d\uff0c\u5bf9\u4e8e\u5b89\u5168\u6027\u65b9\u9762\uff0c\u4e0d\u9700\u8981\u62c5\u5fc3\u6b64\u8bbe\u7f6e\u3002
                                      \n\u5bf9\u4e8e 2.2 \u7cfb\u5217\uff0c\u5efa\u8bae\u6307\u5b9a FileETag MTime Size \u6216 FileETag None\u3002<\/p>\n
                                      \u5982\u679c\u5220\u9664ETag\u5e76\u4f7f\u7528Last-Modified\u6807\u5934\uff0cHTTP\u6807\u5934\u7684\u5927\u5c0f\u4f1a\u76f8\u5e94\u51cf\u5c11\u3002\u4e0d\u8f93\u51faETag\u7684\u8bbe\u7f6e\u5982\u4e0b\uff1a<\/p>\n
                                      FileETag<\/span> None<\/span>\r\n<\/code><\/pre>\n
                                      \u5982\u679c\u5728\u4e0a\u8ff0\u8bbe\u7f6e\u4e2dETag\u65e0\u6cd5\u6b63\u5e38\u6d88\u9664\uff0c\u4e5f\u53ef\u4ee5\u901a\u8fc7\u4ee5\u4e0b\u65b9\u5f0f\u6d88\u9664\u3002<\/p>\n
                                      Header<\/span> unset<\/span> ETag\r\n<\/code><\/pre>\n
                                      \u6587\u4ef6ETag\u8bbe\u7f6e\u7684\u884c\u4e3a\u9a8c\u8bc1<\/h4>\n
                                      \n
                                      FileETagETag(\u672a\u6307\u5b9a)”220-529841bdd9a78″MTime Size”220-529841bdd9a78″All”905069-220-529841bdd9a78″INode”905069″MTime”529830adcea90″Size”220″<\/div>\n<\/div>\n
                                      \u516c\u5f0f\u53c2\u8003\u503c\u4ecd\u7136\u88ab\u6807\u8bb0\u4e3aFileETag INode MTime Size\uff0c\u4f46\u5728\u9a8c\u8bc1\u73af\u5883\u4e2d\u9a8c\u8bc1\u65f6\uff0c\u9ed8\u8ba4\u4e3aMTime Size\u3002\u8fd9\u53ef\u80fd\u662f\u7531\u4e8e\u53c2\u8003\u503c\u7684\u66f4\u65b0\u9057\u6f0f\uff0c\u6216\u8005\u53ef\u80fd\u662f\u5728\u53d1\u5e03\u8f6f\u4ef6\u5305\u4e2d\u66f4\u6539\u4e86\u9ed8\u8ba4\u503c\u3002\u5728Hatebu\u4e0a\u6709\u4eba\u63d0\u5230\u4e86\u8fd9\u4e00\u70b9\uff0c\u6240\u4ee5\u6211\u67e5\u770b\u4e86\u6e90\u4ee3\u7801\uff0c\u53d1\u73b0Apache\u672c\u4f53\u7684\u9ed8\u8ba4\u503c\u4ece2.4.0\u5f00\u59cb\u5df2\u7ecf\u6539\u53d8\uff0c\u770b\u6765\u786e\u5b9e\u662f\u53c2\u8003\u503c\u7684\u66f4\u65b0\u9057\u6f0f\u3002\uff08\u6839\u636e@matuu\u7684\u8bf4\u6cd5\uff0c\u82f1\u6587\u7248\u672c\u5df2\u7ecf\u6b63\u786e\u4fee\u590d\uff09<\/p>\n
                                      -<default>FileETag INode MTime Size<\/default>\r\n<\/span>+<default>FileETag MTime Size<\/default>\r\n<\/span> <contextlist><context>server config<\/context><context>virtual host<\/context>\r\n <context>directory<\/context><context>.htaccess<\/context>\r\n <\/contextlist>\r\n <override>FileInfo<\/override>\r\n+<compatibility>The default used to be \"INode&nbsp;MTime&nbsp;Size\" in 2.3.14 and\r\n+earlier.<\/compatibility>\r\n<\/span><\/code><\/pre>\n
                                      -#define ETAG_BACKWARD (ETAG_MTIME | ETAG_INODE | ETAG_SIZE)\r\n<\/span> #define ETAG_ALL   (ETAG_MTIME | ETAG_INODE | ETAG_SIZE)\r\n+\/* This is the default value used *\/\r\n+#define ETAG_BACKWARD (ETAG_MTIME | ETAG_SIZE)\r\n<\/span><\/code><\/pre>\n
                                           if (ctx->finfo.filetype != APR_NOFILE) {\r\n          return apr_psprintf(ctx->pool, \"\\\"%\" APR_UINT64_T_HEX_FMT \"-%\"\r\n-                            APR_UINT64_T_HEX_FMT \"-%\" APR_UINT64_T_HEX_FMT \"\\\"\",\r\n<\/span>+                            APR_UINT64_T_HEX_FMT \"\\\"\",\r\n<\/span>-                            (apr_uint64_t) ctx->finfo.inode,\r\n<\/span>                             (apr_uint64_t) ctx->finfo.size,\r\n                             (apr_uint64_t) ctx->finfo.mtime);\r\n      }\r\n<\/code><\/pre>\n
                                      X-Powered-By \u6240\u63d0\u4f9b\u7684\u52a8\u529b<\/h3>\n
                                      X-Powered-By: PHP\/5.4.16\r\n<\/code><\/pre>\n
                                      \u5982\u679c\u5728HTTP\u8bf7\u6c42\u5934\u4e2d\u8f93\u51fa\u4e86\u50cfPHP\u7248\u672c\u4e4b\u7c7b\u7684\u4fe1\u606f\uff0c\u53ef\u4ee5\u901a\u8fc7\u4ee5\u4e0b\u65b9\u5f0f\u5728Apache\u7aef\u5f3a\u5236\u5220\u9664\u8be5\u8bf7\u6c42\u5934\u3002<\/p>\n
                                      Header<\/span> unset<\/span> X-Powered-By\r\n<\/code><\/pre>\n
                                      \u5728PHP\u7684\u60c5\u51b5\u4e0b\uff0c\u53ef\u4ee5\u901a\u8fc7\u5728php.ini\u6587\u4ef6\u4e2d\u8bbe\u7f6eexpose_php\u6307\u4ee4\u4e3a14\u6765\u9690\u85cfPHP\u7248\u672c\u4fe1\u606f\uff0c\u4f46\u662f\u5728Apache\u670d\u52a1\u5668\u4e0a\u7edf\u4e00\u5f3a\u5236\u5220\u9664\u53ef\u80fd\u66f4\u597d\uff0c\u8fd9\u6837\u53ef\u4ee5\u907f\u514d\u914d\u7f6e\u9057\u6f0f\u7684\u98ce\u9669\u3002<\/p>\n
                                      expose_php<\/span> =<\/span> Off<\/span>\r\n<\/code><\/pre>\n
                                      \u9009\u9879 -Indexes<\/h3>\n
                                      <<\/span>Directory<\/span> \/var\/www\/html<\/span>>\r\n<\/span>    Options<\/span> -Indexes\r\n<\/<\/span>Directory<\/span>>\r\n<\/span><\/code><\/pre>\n
                                      Apache 2.0\/2.2\/2.4 \u7684 Options \u9ed8\u8ba4\u503c\u90fd\u662f All\u3002
                                      \n\u5f53\u5728\u76ee\u5f55\u4e2d\u6ca1\u6709\u6307\u5b9a\u7531 DirectoryIndex \u6307\u4ee4\u6240\u8bbe\u5b9a\u7684\u6587\u4ef6\uff08\u5982 index.html\uff09\u65f6\uff0cmod_autoindex \u4f1a\u6574\u7406\u5e76\u8fd4\u56de\u76ee\u5f55\u4e2d\u7684\u6587\u4ef6\u5217\u8868\u3002<\/p>\n
                                      \u81ea\u52a8\u7d22\u5f15\u914d\u7f6e\u6587\u4ef6\u3002<\/h3>\n
                                      cp<\/span> \/dev\/null \/etc\/httpd\/conf.d\/autoindex.conf\r\n<\/code><\/pre>\n
                                      \u6216\u8005<\/p>\n
                                      ><\/span> \/etc\/httpd\/conf.d\/autoindex.conf\r\n<\/code><\/pre>\n
                                      \u5c3d\u7ba1\u8bb0\u5f55\u4e86\u6709\u5173icons\u7684\u914d\u7f6e\u7b49\u4fe1\u606f\uff0c\u4f46\u4e3a\u4e86\u4e0d\u663e\u793a\u76ee\u5f55\u5217\u8868\uff0c\u539f\u5219\u4e0a\u4e0d\u4f7f\u7528\uff0c\u56e0\u6b64\u5220\u9664\u5b83\u3002\u5982\u679c\u5220\u9664\u6587\u4ef6\u672c\u8eab\uff0c\u5219\u5728\u66f4\u65b0\u65f6\u4f1a\u91cd\u65b0\u521b\u5efa\uff0c\u56e0\u6b64\u5c06\u5176\u53d8\u4e3a\u7a7a\u6587\u4ef6\u3002<\/p>\n
                                      \u6b22\u8fce\u8bbe\u7f6e<\/h3>\n
                                      cp<\/span> \/dev\/null \/etc\/httpd\/conf.d\/welcome.conf\r\n<\/code><\/pre>\n
                                      \u53c8\u6216\u8005<\/p>\n
                                      ><\/span> \/etc\/httpd\/conf.d\/welcome.conf\r\n<\/code><\/pre>\n
                                      \u5982\u679c\u5728\u6587\u6863\u6839\u76ee\u5f55\u4e2d\u6ca1\u6709index.html\u6587\u4ef6\u6216\u51fa\u73b0\u6743\u9650\u95ee\u9898\u7b49\u5bfc\u81f4\u88ab\u7981\u6b62\u8bbf\u95ee\u65f6\uff0cCentOS\u6b22\u8fce\u9875\u9762\u4f1a\u663e\u793a\u51fa\u6765\u3002\u4f46\u7531\u4e8e\u8fd9\u662f\u591a\u4f59\u7684\u4fe1\u606f\uff0c\u9700\u8981\u5220\u9664\u3002\u5982\u679c\u50cf\u5220\u9664autoindex.conf\u4e00\u6837\u5220\u9664\u5b83\uff0c\u4f1a\u5728\u66f4\u65b0\u65f6\u91cd\u65b0\u751f\u6210\uff0c\u6240\u4ee5\u9700\u8981\u5c06\u5176\u7f6e\u4e3a\u7a7a\u6587\u4ef6\u3002<\/p>\n
                                      \u5b89\u5168\u8bbe\u7f6e<\/h2>\n
                                      \u5141\u8bb8\u8986\u76d6<\/h3>\n
                                      <<\/span>Directory<\/span> \/var\/www\/html<\/span>>\r\n<\/span>    AllowOverride<\/span> All<\/span>\r\n<\/<\/span>Directory<\/span>>\r\n<\/span><\/code><\/pre>\n
                                      \u53ea\u6709\u5728 \/etc\/httpd\/conf.d\/userdir.conf \u7684 <Directory “\/home\/*\/public_html”> \u4e2d\u6307\u5b9a\u7684 AllowOverride \u4ee5\u5916\u90fd\u88ab\u8bbe\u7f6e\u4e3a None\uff0c\u6240\u4ee5\u4e3a\u4e86\u4f7f\u7528 .htaccess\uff0c\u9700\u8981\u5355\u72ec\u5141\u8bb8\u6587\u6863\u6839\u76ee\u5f55\u4e0b\u7684\u5185\u5bb9\u3002<\/p>\n
                                      \u9650\u5236HTTP\u65b9\u6cd5<\/h3>\n
                                      <<\/span>Directory<\/span> \/var\/www\/html<\/span>>\r\n<\/span>    Require<\/span> method GET POST\r\n<\/<\/span>Directory<\/span>>\r\n<\/span><\/code><\/pre>\n
                                      <<\/span>Directory<\/span> \/var\/www\/html<\/span>>\r\n<\/span>    <<\/span>Limit<\/span> GET POST<\/span>>\r\n<\/span>        Order<\/span> allow,deny\r\n        Allow<\/span> from<\/span> all<\/span>\r\n    <\/<\/span>Limit<\/span>>\r\n<\/span>    <<\/span>LimitExcept<\/span> GET POST<\/span>>\r\n<\/span>        Order<\/span> deny,allow\r\n        Deny<\/span> from<\/span> all<\/span>\r\n    <\/<\/span>LimitExcept<\/span>>\r\n<\/<\/span>IfVersion<\/span>>\r\n<\/span><\/code><\/pre>\n
                                      \u70b9\u51fb\u52ab\u6301\u9632\u62a4\uff08X-Frame-Options\uff09<\/h3>\n
                                      Header<\/span> always<\/span> append<\/span> X-Frame-Options SAMEORIGIN\r\n<\/code><\/pre>\n
                                      X-Frame-Options HTTP \u54cd\u5e94\u5934\u53ef\u4ee5\u6307\u793a\u6d4f\u89c8\u5668\u662f\u5426\u5141\u8bb8\u5c06\u9875\u9762\u663e\u793a\u5728 \u6216\u8005