Shell脚本一键进行Apache服务的优化

使用Shell脚本一键进行Apache服务的优化

（包含日志分割、日志文件分析系统、静态资源压缩、设置网页缓存时间、防盗链、系统版本号隐藏）

本次实验使用软件包合集（均为开源软件）：链接：https://pan.baidu.com/s/1Byuu3PWgCap85lqfqrA6eA 提取码：x806 请添加链接描述

安装步骤：手工编译安装apache→安装dns服务→进行日志分割→安装日志文件分析系统→对静态资源进行压缩→设施网页缓存时间→防盗链设置→版本号隐藏

#!/bin/bash yum install bind expect -y #安装基础DNS及expect免交互 read -p "提供硬盘的IP：" ip smbclient -L //$ip/ <<-eof eof read -p "请输入想挂载的文件夹：" test mount.cifs -o username="******",password="******" //$ip/$test /mnt #账户密码请自定义 df -hT | grep -o "cifs" &> /dev/null if [ $? -eq 0 ];then echo "挂载成功，开始安装" else echo "失败，请重来" exit 1 fi #远程挂载 yum -y install \ gcc \ gcc-c++ \ pcre \ pcre-devel \ zlib-devel \ expat-devel #安装环境包 cd /mnt tar xjf httpd-2.4.29.tar.bz2 -C /opt tar zxf apr-1.6.2.tar.gz -C /opt/ tar zxf apr-util-1.6.0.tar.gz -C /opt/ rpm -ivh cronolog-1.6.2-14.el7.x86_64.rpm cd /opt mv apr-1.6.2/ httpd-2.4.29/srclib/apr mv apr-util-1.6.0/ httpd-2.4.29/srclib/apr-util cd httpd-2.4.29/ ./configure \ --prefix=/usr/local/httpd \ --enable-so \ --enable-deflate \ --enable-expires \ --enable-rewrite \ --enable-charest-lite \ --enable-cgi make && make install #编译安装 quanju="/etc/named.conf" quyu="/etc/named.rfc1912.zones" zhu=`ifconfig ens33 | awk 'NR==2{print $2}'` sed -i -e "13s/127.0.0.1/any/" -e '21s/localhost/any/' $quanju sed -i "18azone \"zhy.com\" IN {\n type master\;\n file \"zhy.zone\"\;\n}\;\n" $quyu cp -p /var/named/named.localhost /var/named/zhy.zone sed -i -e '$d' /var/named/zhy.zone echo "www IN A $zhu" >> /var/named/zhy.zone #DNS配置 http="/usr/local/httpd/conf/httpd.conf" sed -i -e '/Listen 80/s/^/#/' -e "/#Listen 12.34.56.78:80/s/#Listen 12.34.56.78:80/Listen $zhu:80/" $http sed -i '/#ServerName www.example.com/s/#ServerName www.example.com/ServerName www.zhy.com/' $http cd /usr/local/httpd/bin/ ./apachectl start sed -i '/ErrorLog \"logs\/error_log\"/s/ErrorLog \"logs\/error_log\"/ErrorLog \"\| \/usr\/sbin\/cronolog logs\/www.zhy.com.error_\%Y\%m\%d.log\"/' $http sed -i '/CustomLog \"logs\/access_log\" common/s/CustomLog \"logs\/access_log\" common/CustomLog \"\| \/usr\/sbin\/cronolog logs\/www.zhy.com.access_\%Y\%m\%d.log\" combined/' $http #HTTP服务改监听、改域名 ln -s /usr/local/httpd/bin/* /etc/init.d/ service apachectl stop service apachectl start #日志分割 cd /mnt tar zxf awstats-7.6.tar.gz mv awstats-7.6 /usr/local/awstats cd /usr/local/awstats/tools/ expect <<-eof spawn ./awstats_configure.pl expect ">" {send "/usr/local/httpd/conf/httpd.conf\r"} expect "y/N" {send "y\r"} expect ">" {send "www.zhy.com\r"} expect ">" {send "\r"} expect "continue..." {send "\r"} expect "finish..." {send "\r"} eof time=`date -d 'today' '+%Y%m%d'` ls /usr/local/httpd/logs/ | grep "$time" if [ $? -eq 0 ];then sed -i "50s/\/var\/log\/httpd\/mylog.log/\/usr\/local\/httpd\/logs\/www.zhy.com.access_$time.log/" /etc/awstats/awstats.www.zhy.com.conf fi sed -i "/LogFormat=1/s/1/4/" /etc/awstats/awstats.www.zhy.com.conf mkdir /var/lib/awstats sed -i "/#LoadModule cgid_module modules\/mod_cgid.so/aLoadModule cgid_module modules\/mod_cgid.so" $http sed -i -e '/Order allow,deny/s/^/#/' -e '/Allow from all/s/^/#/' $http sed -i '/Allow from all/a Require all granted' $http echo "* * 1 * * ls /usr/local/httpd/logs/ | grep $time &> /dev/null && sed -i \"50s/\/var\/log\/httpd\/mylog.log/\/usr\/local\/httpd\/logs\/www.zhy.com.access_$time.log/\" root /etc/awstats/awstats.www.zhy.com.conf" >> /etc/crontab echo "*/5 * * * * root /usr/local/awstats/tools/awstats_updateall.pl now" >> /etc/crontab /bin/systemctl reload crond.service systemctl enable crond #创建计划性任务 touch /usr/local/httpd/htdocs/houtai.html echo "<html>" >> /usr/local/httpd/htdocs/houtai.html echo " <head>" >> /usr/local/httpd/htdocs/houtai.html echo " <meta http-equiv=refresh content=\"0;url=http://www.zhy.com/awstats/awstats.pl?config=www.zhy.com\">" >> /usr/local/httpd/htdocs/houtai.html echo " </head>" >> /usr/local/httpd/htdocs/houtai.html echo " <body></body> " >> /usr/local/httpd/htdocs/houtai.html echo "</html>" >> /usr/local/httpd/htdocs/houtai.html service apachectl stop service apachectl start systemctl stop firewalld.service setenforce 0 systemctl start named #日志文件分割系统 cd /mnt sed -i '/LoadModule deflate_ module modules\/mod_ deflate.so/s/#/ /' $http echo "<IfModule mod_deflate.c>" >> $http echo " AddOutputFilterByType DEFLATE text/html text/plain text/css text/xml text/javascript" >> $http echo " DeflateCompressionLevel 9" >> $http echo " SetOutputFilter DEFLATE" >> $http echo "</IfModule>" >> $http #静态资源压缩 sed -i '/LoadModule expires_module/s/#/ /' $http echo "<IfModule mod_expires.c>" >> $http echo " ExpiresActive On" >> $http echo " ExpiresDefault \"access plus 30 seconds\"" >> $http echo "</IfModule>" >> $http #网页缓存时间 sed -i '/LoadModule rewrite_module/s/#/ /' $http sed -i '248a RewriteEngine On\n RewriteCond %{HTTP_REFERER} !^http://zhy.com/.*$ [NC]\n RewriteCond %{HTTP_REFERER} !^http://zhy.com$ [NC]\n RewriteCond %{HTTP_REFERER} !^http://www.zhy.com/.*$ [NC]\n RewriteCond %{HTTP_REFERER} !^http://www.zhy.com/$ [NC]\n RewriteRule .*\\.(gif|jpg|swf)$ https://cache.yisu.com/upload/information/20200309/28/16809.jpg' $http #防盗链，防盗图片请放到默认站点htdocs中 sed -i '/httpd-default.conf/s/#/ /' $http default="/usr/local/httpd/conf/extra/httpd-default.conf" sed -i '55s/Full/Prod/' $default #隐藏版本号 service apachectl stop service apachectl start echo "本机IP为：$zhu"