server CentOS 6 - Apache 2.4.1 컴파일 / 보안 설정
2012.04.15 10:06
참고 문서 |
---|
시스템 환경: CentOS 6 (32bit)
라이브러리
# yum install gcc libtool apr-util-devel pcre-devel openssl-devel # wget http://ftp.jaist.ac.jp/pub/apache/apr/apr-1.4.6.tar.gz # tar xvfz apr-1.4.6.tar.gz # cd apr-1.4.6 # ./configure && make && make install # wget http://ftp.jaist.ac.jp/pub/apache/apr/apr-util-1.4.1.tar.gz # tar xvfz apr-util-1.4.1.tar.gz # cd apr-util-1.4.1 # ./configure --with-apr=/usr/local/apr && make && make install
다운로드 / 컴파일
# wget http://apache.mirror.cdnetworks.com/httpd/httpd-2.4.2.tar.gz # tar xvfz httpd-2.4.2.tar.gz # cd httpd-2.4.2 # ./configure --prefix=/usr/local/apache --enable-module=so --enable-so --enable-rewrite --enable-ssl=shared --with-ssl --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr --enable-nonportable-atomics=yes --with-mpm=worker # make # make install
방화벽
# vi /etc/sysconfig/iptables
-I INPUT -p tcp --dport 80 -j ACCEPT -I INPUT -p tcp --dport 443 -j ACCEPT
# service iptables restart # /usr/local/apache/bin/apachectl start It works! # /usr/local/apache/bin/apachectl stop
httpd.conf 설정
기본적인 내용은 생략하였습니다.
# vi /usr/local/apache/conf/httpd.conf
Timeout, KeepAliveTimeout 값은 직접 테스트하면서 맞는 값을 찾아야 합니다.
mod_security
http://www.modsecurity.org/download/
# yum install libxml2 libxml2-devel # tar xvfz modsecurity-apache_2.6.5.tar.gz # cd modsecurity-apache_2.6.5 # ./configure --with-apxs=/usr/local/apache/bin/apxs # make && make install # cp modsecurity.conf-recommended /usr/local/apache/conf/modsecurity.conf # vi /usr/local/apache/conf/httpd.conf
LoadModule security2_module modules/mod_security2.so Include conf/modsecurity.conf # 아래쪽에 추가
VirtualHost 팁
자동시작
# vi /etc/rc.d/rc.local
rm -rf /usr/local/apache/logs/* # 로그파일 삭제 /usr/local/apache/bin/apachectl start
관련문서
No. | Subject | Date | Views |
---|---|---|---|
21 | munin 설치 | 2018.10.13 | 787 |
20 | mysql 백업 (shell script) | 2018.10.14 | 697 |
19 | 웹 백업 (쉘 스크립트) | 2018.10.14 | 1194 |
18 | yum install php-apcu | 2019.03.12 | 1542 |
17 | yum install latest redis | 2019.03.27 | 1682 |
16 | certbot apache multiple domain | 2019.04.10 | 1416 |
15 | my.cnf | 2019.04.11 | 1 |
14 | xe 에디터 컴포넌트 트리거 제거 | 2019.05.16 | 9847 |
13 | vmware with centos 7 | 2019.08.23 | 0 |
12 | netdata 이용한 centos 모니터링 | 2020.01.25 | 2389 |
11 | php-fpm tcp to socket | 2020.01.25 | 0 |
10 | net::ERR_CONNECTION_REFUSED | 2021.10.11 | 0 |
9 | The best configuration of php7.4-fpm / 1.5GB | 2023.05.04 | 29 |
8 | The best configuration of php7.4-fpm / 8GB | 2023.05.04 | 23 |
7 | To download large files with rsync command. | 2023.05.04 | 21 |
6 | mysqldump from remote db to my local server. | 2023.05.04 | 421 |
5 | apache2 AllowOverride config | 2023.05.23 | 353 |
4 | gearman 은 무엇인가? | 2023.06.21 | 345 |
3 | mysql DELETE 쿼리 사용할 때 실제로 rows 삭제가 발생했는지 알 수 있는가? | 2023.06.21 | 2282 |
2 | php 에서 비동기 처리하는 방법 | 2023.06.22 | 386 |
SELINUX 에러인 경우 아파치를 허용해준다.
chcon -R -h -t httpd_sys_content_t /home