{"id":3023,"date":"2012-12-01T23:02:25","date_gmt":"2012-12-01T15:02:25","guid":{"rendered":"http:\/\/blog.dword1511.info\/?p=3023"},"modified":"2012-12-14T13:47:23","modified_gmt":"2012-12-14T05:47:23","slug":"apache-%e8%b0%83%e6%95%99%e8%ae%b0","status":"publish","type":"post","link":"http:\/\/blog.dword1511.info\/?p=3023","title":{"rendered":"Apache \u8c03\u6559\u8bb0"},"content":{"rendered":"<p>\u5176\u5b9e VPS \u5f00\u59cb\u8fd0\u8f6c\u4e4b\u540e Apache \u7684\u8bbe\u7f6e\u6211\u4e00\u76f4\u6ca1\u6709\u591a\u7559\u5fc3\uff0c\u672c\u7740\u591f\u7528\u5c31\u597d\u7684\u6001\u5ea6\u8fd9\u4e9b\u4e71\u4e03\u516b\u7cdf\u52c9\u5f3a\u80fd\u7528\u7684\u914d\u7f6e\u4e5f\u5c31\u966a\u4f34\u7740\u6211\u7684\u7ad9\u70b9\u5ea6\u8fc7\u4e86\u5c06\u8fd1\u4e00\u5e74\uff0c\u76f4\u5230\u4e0a\u4e2a\u6708 VPS \u4e24\u6b21\u88ab\u666e\u901a\u7684\u626b\u63cf\u5668\u5237\u5230 OOM \uff0c\u6211\u624d\u4e0b\u5b9a\u51b3\u5fc3\u597d\u597d\u6574\u7406\u4e0b Apache \u7684\u914d\u7f6e\uff0c\u987a\u4fbf\u90e8\u7f72\u597d Fail2ban \uff0c\u6700\u540e\u4fee\u7406\u4e0b\u8bbf\u95ee\u65e5\u5fd7\u4e0d\u7ffc\u800c\u98de\u7684\u95ee\u9898\u3002<\/p>\n<p><!--more--><\/p>\n<p>\u9996\u5148\u4e3a\u4e86\u907f\u514d Apache \u5e72\u7206\u5185\u5b58\uff0c\u6211\u4fee\u6539\u4e86 prefork \u7684\u8bbe\u7f6e\u3002\u540e\u6765\u53d1\u73b0\u8fd9\u6863\u5b50 MPM \u5b9e\u5728\u592a\u4e0d\u597d\u4f7f\u4e86\uff0c\u8981\u4e48\u5f31\u5f97\u4e00B\u8981\u4e48\u5e72\u7206\u5185\u5b58\uff0c\u4e8e\u662f\u4e4e sudo apt-get install apache2-mpm-worker \uff0c\u628a MPM \u4ece\u8001\u65e7\u7684 prefork \u6362\u6210\u4e86 worker \u3002\u672c\u6765\u4ee5\u4e3a\u4f1a\u4e00\u5e06\u98ce\u987a\u7684\uff0c\u7ed3\u679c\u53d1\u73b0 worker \u4e0d\u652f\u6301 mod-php \uff0cPHP \u5f97\u7528 FastCGI \u6765\u5448\u73b0\u4e86\u3002Apache \u7684 CGI \u8fd9\u65b9\u9762\u6211\u53ef\u662f\u96f6\u7ecf\u9a8c\u554a\uff0c\u4e8e\u662f\u53ea\u597d\u8bf7\u6559 Google \uff0c\u641c\u6765\u7684\u65b9\u6cd5\u4e00\u5927\u7968\uff0c\u5374\u53d1\u73b0\u5404\u4e2a\u90fd\u4e0d\u7ba1\u7528\uff0cphp \u7167\u6837\u88ab\u5f53\u6210\u666e\u901a\u6587\u4ef6\u5904\u7406\u4e86\u3002\u6700\u540e\u5728\u00a0<a href=\"http:\/\/www.krzywanski.net\/archives\/343\" target=\"_blank\">http:\/\/www.krzywanski.net\/archives\/343<\/a>\u00a0\u7ec8\u4e8e\u627e\u5230\u4e86\u4e2a\u786e\u5b9e\u80fd\u7528\u7684\u914d\u7f6e\u65b9\u6cd5\u3002\u53e6\u8bf7\u53c2\u9605\uff1a<a href=\"http:\/\/httpd.apache.org\/mod_fcgid\/mod\/mod_fcgid.html#fcgidfixpathinfo\" target=\"_blank\">http:\/\/httpd.apache.org\/mod_fcgid\/mod\/mod_fcgid.html#fcgidfixpathinfo<\/a>\u00a0\uff0c\u6ca1\u51c6\u6709\u7528\u3002<\/p>\n<p>\u5728 Apache \u7684 MPM \u6362\u6210 worker \u4ee5\u540e\u53d1\u73b0 Apache \u81ea\u8eab\u7684\u5185\u5b58\u5360\u7528\u786e\u5b9e\u5c0f\u4e86\u4e0d\u5c11\uff0c\u4f46\u662f\u540c\u65f6 serve 150 \u4e2a client \u5374\u4e0d\u5728\u8bdd\u4e0b\u3002\u4e0d\u8fc7 PHP \u7684\u8fdb\u7a0b\u4ecd\u7136\u5f88\u5403\u5185\u5b58\uff0c\u4e00\u4e2a\u5c31\u5360\u6389 30-40MB \uff0c\u4e0d\u8fc7\u597d\u5728\u73b0\u5728 Apache \u4e0d\u5fc5\u518d\u4e3a\u4e00\u4e9b 404 \u9875\u9762\u800c\u767d\u767d\u6d6a\u8d39\u5185\u5b58\u4e86\u3002<\/p>\n<p>\u76ee\u524d MPM \u6309\u7167\u4ee5\u4e0b\u914d\u7f6e\u5de5\u4f5c\uff0c\u4e0d\u77e5\u9053\u662f\u5426\u5408\u9002\uff0c\u4e0d\u884c\u7684\u8bdd\u4ee5\u540e\u518d\u770b\u60c5\u51b5\u8c03\u6574\uff1a<\/p>\n<pre>&lt;Module mpm_worker_module&gt;\r\n    StartServers            3\r\n    ServerLimit            10\r\n    MinSpareThreads        10\r\n    MaxSpareThreads        25 \r\n    ThreadLimit           200\r\n    ThreadsPerChild        25\r\n    MaxClients            150\r\n    MaxRequestsPerChild 10000\r\n&lt;\/IfModule&gt;<\/pre>\n<p>\u53e6\u5916\uff0c\u4e3a\u4e86\u9632\u6b62\u4e2a\u522b\u53d1\u4e86\u98d9\u7684\u626b\u63cf\u5668\uff0c\u8fd8\u662f\u914d\u7f6e\u4e2a Fail2ban \u6bd4\u8f83\u597d\u3002\u5b89\u88c5\u4e4b\u540e\u4fee\u6539\u4e0b\u00a0\/etc\/fail2ban\/fail2ban.conf \u548c \/etc\/fail2ban\/jail.conf \u57fa\u672c\u4e0a\u5c31\u53ef\u4ee5\u7528\u4e86\uff0c\u4e0d\u8fc7\u8981\u8bb0\u4f4f Debian \u7cfb\u7684\u7cfb\u7edf\u4e0a\u6700\u597d\u7528 polling \u800c\u975e gamin \u6765\u83b7\u53d6\u65e5\u5fd7\uff0c\u53e6\u5916\u00a0findtime \u548c\u00a0maxretry \u9700\u8981\u597d\u597d\u8003\u8651\u8003\u8651\uff08\u73b0\u5728\u7684\u626b\u63cf\u5668\u90fd\u5f88\u72e1\u733e\u4e86\uff0cfindtime \u4e0d\u89c1\u5f97\u80fd\u53d6\u5f97\u5f88\u5c0f\uff09\u3002<\/p>\n<p>\u4e00\u822c\u60c5\u51b5\u4e0b\u00a0apache-noscript \u6ee4\u955c\u5df2\u7ecf\u80fd\u63d0\u4f9b\u8db3\u591f\u597d\u7684\u4fdd\u62a4\u3002\u4f46\u662f\u5bf9\u4e8e\u90a3\u4e9b\u53d1\u4e86\u98ce\u7684 WordPress \u63d2\u4ef6\u4e0e\u4e3b\u9898\u540e\u95e8\u626b\u63cf\u5668\uff0c\u4f60\u8fd8\u9700\u8981\u4e00\u4e2a\u53eb apache-404 \u7684\u989d\u5916\u6ee4\u955c\uff1a<a href=\"http:\/\/blog.barbarycodes.com\/2010\/10\/06\/automated-banning-of-script-kiddies-with-fail2ban\/\" target=\"_blank\">http:\/\/blog.barbarycodes.com\/2010\/10\/06\/automated-banning-of-script-kiddies-with-fail2ban\/<\/a>\u00a0\u3002\u4e0d\u8fc7\u4e00\u5f00\u59cb\u6211\u53d1\u73b0\u8fd9\u8d27\u7684\u6548\u679c\u5e76\u4e0d\u662f\u5f88\u660e\u663e\uff08\u4e00\u4e2a\u90fd\u6ca1\u6293\u7740\uff09\uff0c\u800c\u6211\u7684\u6b63\u5219\u53c8\u5f88\u70c2\uff0c\u770b\u4e0d\u51fa\u5565\u95e8\u9053\u6765\uff0c\u4e8e\u662f\u53ea\u597d\u628a\u6ee4\u955c\u6539\u6210\u5982\u4e0b\u7b80\u5355\u7c97\u66b4\u7684\u6837\u5b50\uff1a<\/p>\n<pre>[Definition]\r\n#failregex = (?P[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}) .+ 404 [0-9]+ \"\r\nfailregex = [[]client []] (File does not exist\\: \\\/var\\\/www\\\/blog.dword1511.info\\\/wp-content\\\/)\r\nignoreregex =<\/pre>\n<p>\u8fd9\u4e0b\u4e16\u754c\u6e05\u9759\u591a\u4e86\u3002\u987a\u4fbf\u63d0\u4e00\u4e0b Fail2ban \u7684\u90ae\u4ef6\u529f\u80fd\u76f8\u5f53\u8d34\u5fc3\uff0c\u4f60\u53ef\u4ee5\u77e5\u9053\u8fc7\u6ee4\u5668\u8bef\u52a8\u4f5c\u6ca1\uff0c\u6293\u5230\u4e86\u54ea\u4e9b\u811a\u672c\u5c0f\u5b50\u3002\u4e0d\u8fc7 Gmail \u597d\u50cf\u5bb9\u6613\u628a\u5b83\u53d1\u7684\u90ae\u4ef6\u5224\u6210 spam \uff0c\u7b2c\u4e00\u6b21\u624b\u7684\u65f6\u5019\u9700\u8981\u624b\u52a8\u68c0\u67e5\u4e00\u4e0b\u3002<\/p>\n<p>Apache \u7684\u65e5\u5fd7\u4e0d\u7ffc\u800c\u98de\u7684\u95ee\u9898\u4e5f\u5f88\u7b80\u5355\uff0c\u542f\u7528 Virtual Hosts \u4ee5\u540e\u5c31\u65e0\u6240\u8c13\u9ed8\u8ba4\u7684\u4e3b\u673a\u4e86\uff0c\u9ed8\u8ba4\u7684 access.log \u91cc\u9762\u81ea\u7136\u662f\u5565\u90fd\u6ca1\u6709\uff0c\u540c\u65f6 Virtual Hosts \u7684\u914d\u7f6e\u6587\u4ef6\u91cc\u9762\u6211\u53c8\u6ca1\u6709\u6307\u5b9a CustomLog \uff0c\u4e8e\u662f\u5c31\u4e24\u624b\u7a7a\u7a7a\u5565\u90fd\u6ca1\u6709\u3002\u6700\u540e\uff0cApache \u7684\u8bbf\u95ee\u65e5\u5fd7\u683c\u5f0f\u4e5f\u88ab\u6211\u6539\u4e86\u4e00\u4e0b\uff0c\u5206\u4eab\u4e4b\uff1a<\/p>\n<pre>LogFormat \"%{%m-%d %H:%M}t %h,%s:%U \\\"%{User-Agent}i\\\"\" mylog\r\nLogFormat \"%{%m-%d %H:%M}t %h,%s:%V%U \\\"%{User-Agent}i\\\"\" mylogvh<\/pre>\n<hr \/>\n<p>Update:<\/p>\n<p>\u5982\u679c\u8981\u4e0a\u4f20\u5927\u6587\u4ef6\u7684\u8bdd\uff0c\u9664\u4e86\u8981\u4fee\u6539 php.ini \u91cc\u9762\u7684 post_max_size \u548c max_file_uploads \u4ee5\u5916\uff0c\u8fd8\u9700\u8981\u5728 Apache \u7684\u914d\u7f6e\u91cc\u52a0\u4e0a\u201c FcgidMaxRequestLen xxxxxxxxx \u201d\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u5176\u5b9e VPS \u5f00\u59cb\u8fd0\u8f6c\u4e4b\u540e Apache \u7684\u8bbe\u7f6e\u6211\u4e00\u76f4\u6ca1\u6709\u591a\u7559\u5fc3\uff0c\u672c\u7740\u591f\u7528\u5c31\u597d\u7684\u6001\u5ea6\u8fd9\u4e9b\u4e71\u4e03\u516b\u7cdf\u52c9\u5f3a\u80fd\u7528\u7684\u914d\u7f6e &hellip; <a href=\"http:\/\/blog.dword1511.info\/?p=3023\" class=\"more-link\">\u7ee7\u7eed\u9605\u8bfb<span class=\"screen-reader-text\">Apache \u8c03\u6559\u8bb0<\/span> <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false},"categories":[10,14],"tags":[],"_links":{"self":[{"href":"http:\/\/blog.dword1511.info\/index.php?rest_route=\/wp\/v2\/posts\/3023"}],"collection":[{"href":"http:\/\/blog.dword1511.info\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/blog.dword1511.info\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/blog.dword1511.info\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/blog.dword1511.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3023"}],"version-history":[{"count":8,"href":"http:\/\/blog.dword1511.info\/index.php?rest_route=\/wp\/v2\/posts\/3023\/revisions"}],"predecessor-version":[{"id":3147,"href":"http:\/\/blog.dword1511.info\/index.php?rest_route=\/wp\/v2\/posts\/3023\/revisions\/3147"}],"wp:attachment":[{"href":"http:\/\/blog.dword1511.info\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3023"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/blog.dword1511.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3023"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/blog.dword1511.info\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3023"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}