Shell腳本一鍵進行Apache服務的優化

使用Shell腳本一鍵進行Apache服務的優化

（包含日誌分割、日誌文件分析系統、靜態資源壓縮、設置網頁緩存時間、防盜鏈、系統版本號隱藏）

本次實驗使用軟件包合集（均爲開源軟件）：鏈接：https://pan.baidu.com/s/1Byuu3PWgCap85lqfqrA6eA 提取碼：x806 請添加鏈接描述

安裝步驟：手工編譯安裝apache→安裝dns服務→進行日誌分割→安裝日誌文件分析系統→對靜態資源進行壓縮→設施網頁緩存時間→防盜鏈設置→版本號隱藏

#!/bin/bash

yum install bind expect -y
#安裝基礎DNS及expect免交互

read -p "提供硬盤的IP：" ip
smbclient -L //$ip/ <<-eof

eof
read -p "請輸入想掛載的文件夾：" test
mount.cifs -o username="******",password="******" //$ip/$test /mnt
#賬戶密碼請自定義

df -hT | grep -o "cifs" &> /dev/null
if [ $? -eq 0 ];then
  echo "掛載成功，開始安裝"
else
  echo "失敗，請重來"
  exit 1
fi
#遠程掛載

yum -y install \
gcc \
gcc-c++ \
pcre \
pcre-devel \
zlib-devel \
expat-devel
#安裝環境包

cd /mnt
tar xjf httpd-2.4.29.tar.bz2 -C /opt
tar zxf apr-1.6.2.tar.gz -C /opt/
tar zxf apr-util-1.6.0.tar.gz -C /opt/
rpm -ivh cronolog-1.6.2-14.el7.x86_64.rpm

cd /opt
mv apr-1.6.2/ httpd-2.4.29/srclib/apr
mv apr-util-1.6.0/ httpd-2.4.29/srclib/apr-util

cd httpd-2.4.29/
./configure \
--prefix=/usr/local/httpd \
--enable-so \
--enable-deflate \
--enable-expires \
--enable-rewrite \
--enable-charest-lite \
--enable-cgi 
make && make install
#編譯安裝

quanju="/etc/named.conf"
quyu="/etc/named.rfc1912.zones"
zhu=`ifconfig ens33 | awk 'NR==2{print $2}'`

sed -i -e "13s/127.0.0.1/any/" -e '21s/localhost/any/' $quanju
sed -i "18azone \"zhy.com\" IN {\n  type master\;\n  file \"zhy.zone\"\;\n}\;\n" $quyu
cp -p /var/named/named.localhost /var/named/zhy.zone
sed -i -e '$d' /var/named/zhy.zone
echo "www  IN A    $zhu" >> /var/named/zhy.zone
#DNS配置

http="/usr/local/httpd/conf/httpd.conf"
sed -i -e '/Listen 80/s/^/#/' -e "/#Listen 12.34.56.78:80/s/#Listen 12.34.56.78:80/Listen $zhu:80/" $http
sed -i '/#ServerName www.example.com/s/#ServerName www.example.com/ServerName www.zhy.com/' $http
cd /usr/local/httpd/bin/
./apachectl start
sed -i '/ErrorLog \"logs\/error_log\"/s/ErrorLog \"logs\/error_log\"/ErrorLog \"\| \/usr\/sbin\/cronolog logs\/www.zhy.com.error_\%Y\%m\%d.log\"/' $http
sed -i '/CustomLog \"logs\/access_log\" common/s/CustomLog \"logs\/access_log\" common/CustomLog \"\| \/usr\/sbin\/cronolog logs\/www.zhy.com.access_\%Y\%m\%d.log\" combined/' $http
#HTTP服務改監聽、改域名

ln -s /usr/local/httpd/bin/* /etc/init.d/ 
service apachectl stop
service apachectl start
#日誌分割

cd /mnt
tar zxf awstats-7.6.tar.gz
mv awstats-7.6 /usr/local/awstats
cd /usr/local/awstats/tools/
expect <<-eof
    spawn ./awstats_configure.pl

    expect ">" {send "/usr/local/httpd/conf/httpd.conf\r"}
    expect "y/N" {send "y\r"}
    expect ">" {send "www.zhy.com\r"}
    expect ">" {send "\r"}
    expect "continue..." {send "\r"}
    expect "finish..." {send "\r"}
eof
time=`date -d 'today' '+%Y%m%d'`
ls /usr/local/httpd/logs/ | grep "$time"
if [ $? -eq 0 ];then
  sed -i "50s/\/var\/log\/httpd\/mylog.log/\/usr\/local\/httpd\/logs\/www.zhy.com.access_$time.log/" /etc/awstats/awstats.www.zhy.com.conf
fi

sed -i "/LogFormat=1/s/1/4/" /etc/awstats/awstats.www.zhy.com.conf
mkdir /var/lib/awstats
sed -i "/#LoadModule cgid_module modules\/mod_cgid.so/aLoadModule cgid_module modules\/mod_cgid.so" $http
sed -i -e '/Order allow,deny/s/^/#/' -e '/Allow from all/s/^/#/' $http
sed -i '/Allow from all/a    Require all granted' $http
echo "* * 1 * * ls /usr/local/httpd/logs/ | grep $time &> /dev/null && sed -i \"50s/\/var\/log\/httpd\/mylog.log/\/usr\/local\/httpd\/logs\/www.zhy.com.access_$time.log/\" root /etc/awstats/awstats.www.zhy.com.conf" >> /etc/crontab

echo "*/5 * * * * root /usr/local/awstats/tools/awstats_updateall.pl now" >> /etc/crontab
/bin/systemctl reload crond.service
systemctl enable crond
#創建計劃性任務

touch /usr/local/httpd/htdocs/houtai.html
echo "<html>" >> /usr/local/httpd/htdocs/houtai.html
echo "  <head>" >> /usr/local/httpd/htdocs/houtai.html
echo "   <meta http-equiv=refresh content=\"0;url=http://www.zhy.com/awstats/awstats.pl?config=www.zhy.com\">" >> /usr/local/httpd/htdocs/houtai.html
echo "  </head>" >> /usr/local/httpd/htdocs/houtai.html
echo " <body></body> " >> /usr/local/httpd/htdocs/houtai.html
echo "</html>" >> /usr/local/httpd/htdocs/houtai.html
service apachectl stop
service apachectl start
systemctl stop firewalld.service 
setenforce 0
systemctl start named
#日誌文件分割系統

cd /mnt
sed -i '/LoadModule deflate_ module modules\/mod_ deflate.so/s/#/ /' $http
echo "<IfModule mod_deflate.c>" >> $http
echo "    AddOutputFilterByType DEFLATE text/html text/plain text/css text/xml text/javascript" >> $http
echo "    DeflateCompressionLevel 9" >> $http
echo "    SetOutputFilter DEFLATE" >> $http
echo "</IfModule>" >> $http
#靜態資源壓縮

sed -i '/LoadModule expires_module/s/#/ /' $http
echo "<IfModule mod_expires.c>" >> $http
echo "    ExpiresActive On" >> $http
echo "    ExpiresDefault \"access plus 30 seconds\"" >> $http
echo "</IfModule>" >> $http
#網頁緩存時間

sed -i '/LoadModule rewrite_module/s/#/ /' $http
sed -i '248a    RewriteEngine On\n    RewriteCond %{HTTP_REFERER} !^http://zhy.com/.*$ [NC]\n    RewriteCond %{HTTP_REFERER} !^http://zhy.com$ [NC]\n    RewriteCond %{HTTP_REFERER} !^http://www.zhy.com/.*$ [NC]\n    RewriteCond %{HTTP_REFERER} !^http://www.zhy.com/$ [NC]\n    RewriteRule .*\\.(gif|jpg|swf)$ http://www.zhy.com/error.png' $http
#防盜鏈，防盜圖片請放到默認站點htdocs中

sed -i '/httpd-default.conf/s/#/ /' $http
default="/usr/local/httpd/conf/extra/httpd-default.conf"
sed -i '55s/Full/Prod/' $default
#隱藏版本號

service apachectl stop
service apachectl start
echo "本機IP爲：$zhu"