和之前写过的Zabbix 3.2 agentd监控Nginx性能原理差不多,都是通过web引擎输出status信息来进行性能监控,一般情况下我们需要对ReqPerSec、BytesPerSec、BusyWorkers、IdleWorkers四个数据进行关注。
开启Apache Status
Listen 80
<VirtualHost *:80>
CustomLog /dev/null common
ErrorLog /dev/null
<Location "/server-status">
SetHandler server-status
Require ip 127.0.0.1
</Location>
</VirtualHost> |
Listen 80
<VirtualHost *:80>
CustomLog /dev/null common
ErrorLog /dev/null
<Location "/server-status">
SetHandler server-status
Require ip 127.0.0.1
</Location>
</VirtualHost>
我这里生产环境监控的是一台WHM服务器,默认开启apache status,访问地址为http://127.0.0.1:80/whm-server-status?auto,正常情况下应该如下页面内容:
Apache Server Status for 127.0.0.1 (via 127.0.0.1)
Server Version: Apache/2.4.37 (cPanel) OpenSSL/1.0.2p mod_bwlimited/1.4
Server MPM: prefork
Server Built: Oct 29 2018 18:29:24
Current Time: Thursday, 22-Nov-2018 13:48:50 CST
Restart Time: Thursday, 22-Nov-2018 13:48:35 CST
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime: 15 seconds
Server load: 0.05 0.09 0.08
Total accesses: 7 – Total Traffic: 54 kB – Total Duration: 19687
CPU Usage: u.02 s0 cu0 cs0 – .133% CPU load
.467 requests/sec – 3686 B/second – 7.7 kB/request – 2812.43 ms/request
7 requests currently being processed, 4 idle workers
……………
继续阅读…
分类:linux日期:2014-03-06 - 20:46:40评论:28条作者:老谢
以前也配置过ssl,但是过期以后就没续费,无意间在淘宝上看到positive的ssl只要不到10块,于是顺手买了一个安装上,
这里记录一下配置过程,虽然对我来说没啥用,只为有个绿色安全图标看着好看吧,也仅仅用在后台,前台不打算使用全https,因为还要去除很多http连接,非常麻烦而且没意义,懒得弄。
编辑httpd-ssl.conf找到SSLCertificateFile以及SSLCertificateKeyFile配置上crt和key
继续阅读…
分类:linux日期:2014-01-05 - 20:46:23评论:1条作者:老谢
mod_pagespeed
该模块可以有效将网页加载速度提高50%+,Google这款加速模块简单的解决了许多复情况的问题:
- 加速模块可以自行对网络传输的html字节优化及对图象,css进入压缩优化传输;
- js的自动压缩;
- 智能缓存是一大亮点,它可以自动智能缓存,加速下载。
- 直接开启模块即可,不需要过多设置;
懒得折腾varnish、nginx这些前端了,因为好几个网站改配置文件什么的太烦,好吧,我到底是多懒,既然已经懒成这样,apache本身能不能提供一个压缩或缓存呢?搜了一圈以后,决定安装mod_pagespeed模块,这个模块由google提供,上面已经简单的进行了描述,下面贴出配置过程:
配置mod_pagespeed
Tips:mod_pagespeed 需要 Apache 加载 mod_deflate(一个将 web内容gzip压缩后传输的模块)。
32位请执行:wget https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-stable_current_i386.rpm
64位请执行:wget https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-stable_current_x86_64.rpm
rpm2cpio ./mod-pagespeed-stable_current_i386.rpm | cpio -idmv
./etc/cron.daily/mod-pagespeed
./etc/httpd/conf.d/pagespeed.conf
./etc/httpd/conf.d/pagespeed_libraries.conf
./usr/bin/pagespeed_js_minify
./usr/lib/httpd/modules/mod_pagespeed.so
./usr/lib/httpd/modules/mod_pagespeed_ap24.so
./var/cache/mod_pagespeed
./var/log/pagespeed
27020 blocks
cp ./usr/lib/httpd/modules/mod_pagespeed.so /usr/local/apache/modules/ #apache版本>=2.4.2,用pagespeed_ap24.so
chmod 0755 /usr/local/apache/modules/mod_pagespeed.so
vim /usr/local/apache/conf/pagespeed.conf #新建配置文件,请根据自己需求修改 |
32位请执行:wget https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-stable_current_i386.rpm
64位请执行:wget https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-stable_current_x86_64.rpm
rpm2cpio ./mod-pagespeed-stable_current_i386.rpm | cpio -idmv
./etc/cron.daily/mod-pagespeed
./etc/httpd/conf.d/pagespeed.conf
./etc/httpd/conf.d/pagespeed_libraries.conf
./usr/bin/pagespeed_js_minify
./usr/lib/httpd/modules/mod_pagespeed.so
./usr/lib/httpd/modules/mod_pagespeed_ap24.so
./var/cache/mod_pagespeed
./var/log/pagespeed
27020 blocks
cp ./usr/lib/httpd/modules/mod_pagespeed.so /usr/local/apache/modules/ #apache版本>=2.4.2,用pagespeed_ap24.so
chmod 0755 /usr/local/apache/modules/mod_pagespeed.so
vim /usr/local/apache/conf/pagespeed.conf #新建配置文件,请根据自己需求修改
LoadModule pagespeed_module /usr/local/apache/modules/mod_pagespeed.so
<IfModule pagespeed_module>
ModPagespeed on
ModPagespeedInheritVHostConfig on
AddOutputFilterByType MOD_PAGESPEED_OUTPUT_FILTER text/html
ModPagespeedFileCachePath "/var/cache/mod_pagespeed/"
ModPagespeedFileCacheInodeLimit 500000
ModPagespeedAvoidRenamingIntrospectiveJavascript on
ModPagespeedEnableFilters collapse_whitespace
<Location /mod_pagespeed_beacon>
SetHandler mod_pagespeed_beacon
</Location>
<Location /mod_pagespeed_statistics>
Order allow,deny
Allow from localhost
Allow from 127.0.0.1
SetHandler mod_pagespeed_statistics
</Location>
ModPagespeedMessageBufferSize 100000
<Location /mod_pagespeed_message>
Allow from localhost
Allow from 127.0.0.1
SetHandler mod_pagespeed_message
</Location>
</IfModule> |
LoadModule pagespeed_module /usr/local/apache/modules/mod_pagespeed.so
<IfModule pagespeed_module>
ModPagespeed on
ModPagespeedInheritVHostConfig on
AddOutputFilterByType MOD_PAGESPEED_OUTPUT_FILTER text/html
ModPagespeedFileCachePath "/var/cache/mod_pagespeed/"
ModPagespeedFileCacheInodeLimit 500000
ModPagespeedAvoidRenamingIntrospectiveJavascript on
ModPagespeedEnableFilters collapse_whitespace
<Location /mod_pagespeed_beacon>
SetHandler mod_pagespeed_beacon
</Location>
<Location /mod_pagespeed_statistics>
Order allow,deny
Allow from localhost
Allow from 127.0.0.1
SetHandler mod_pagespeed_statistics
</Location>
ModPagespeedMessageBufferSize 100000
<Location /mod_pagespeed_message>
Allow from localhost
Allow from 127.0.0.1
SetHandler mod_pagespeed_message
</Location>
</IfModule>
mkdir -p /var/mod_pagespeed/
chown -R www.www /var/mod_pagespeed/
echo 'Include conf/pagespeed.conf' >> /usr/local/apache/conf/httpd.conf
/usr/local/apache/bin/apachectl -t
Syntax OK
service httpd restart |
mkdir -p /var/mod_pagespeed/
chown -R www.www /var/mod_pagespeed/
echo 'Include conf/pagespeed.conf' >> /usr/local/apache/conf/httpd.conf
/usr/local/apache/bin/apachectl -t
Syntax OK
service httpd restart
分类:运维技术日期:2012-03-12 - 11:23:47评论:10条作者:老谢
安装&下载
http://dominia.org/djao/limit/mod_limitipconn-0.22.tar.gz
tar -zxf mod_limitipconn-0.22.tar.gz
cd mod_limitipconn-0.22
/usr/local/apache/bin/apxs -c -i -a mod_limitipconn.c
检查httpd.conf里面是否有LoadModule limitipconn_module modules/mod_limitipconn.so,如果有则正常,继续向下看:
###下面就是对web目录下的文件下载限制
<IfModule mod_limitipconn.c>
<Location /> #所限制的目录所在,此处表示主机的根目录
MaxConnPerIP 3 #所限制的每个IP并发连接数为3个
NoIPLimit image/* #对图片不做IP限制
</Location>
<Location /mp3> #所限制的目录所在,此处表示主机的/mp3目录
MaxConnPerIP 1 #所限制的每个IP并发连接数为1个
OnlyIPLimit audio/mpeg video #该限制只对视频和音频格式的文件
</Location>
</IfModule> |
###下面就是对web目录下的文件下载限制
<IfModule mod_limitipconn.c>
<Location /> #所限制的目录所在,此处表示主机的根目录
MaxConnPerIP 3 #所限制的每个IP并发连接数为3个
NoIPLimit image/* #对图片不做IP限制
</Location>
<Location /mp3> #所限制的目录所在,此处表示主机的/mp3目录
MaxConnPerIP 1 #所限制的每个IP并发连接数为1个
OnlyIPLimit audio/mpeg video #该限制只对视频和音频格式的文件
</Location>
</IfModule>
分类:运维技术日期:2012-03-01 - 22:51:31评论:6条作者:老谢
做网站,有些目录必须要有写入权限,网站才能运行,但又担心别有用心的人在该目录上传.php的可执行文件,这样就有安全隐患了,下面例子为如何禁止某个目录执行.php的文件,代码摘自:http://who0168.blog.51cto.com/253401/577309
apache
<Directory /usr/local/apache/htdocs/bbs/data>
php_flag engine off
</Directory>
<Directory ~ "^/home/centos/web/data">
<Files ~ ".php">
Order allow,deny
Deny from all
</Files>
</Directory> |
<Directory /usr/local/apache/htdocs/bbs/data>
php_flag engine off
</Directory>
<Directory ~ "^/home/centos/web/data">
<Files ~ ".php">
Order allow,deny
Deny from all
</Files>
</Directory>
nginx
location /data/ {
location ~ .*\.(php)?$ {
deny all;
}
} |
location /data/ {
location ~ .*\.(php)?$ {
deny all;
}
}
最新评论
Andy烧麦:这些大厂都能提供必要的售后
王光卫博客:小米生态还是比较丰富
空空裤兜:在天猫买的利维斯顿,阿里智能APP...
林羽凡:我突然发现,你也记录了很多博文了。
菊座:小米的东西还行
zwwooooo:一般电器产品都jd,就是想售后身心
zwwooooo:能随便搞个公司玩玩也算是实力选手
大D:坚持就是胜利哈哈哈
老麦:看着那一排日志存档,老前辈了啊。
大峰:这售后可以嘛~