avivkazaz1@gmail.com m9211532 0 Bytes 50 GB
rockojv@hotmail.com villaizan 0 Bytes 50 GB
luyza_fashion@hotmail.com 22062000 0 Bytes 50 GB
robson.rodrigo.andrade@gmail.com 19821510 0 Bytes 50 GB
huisakuraflower@hotmail.com 39bvqdtj 0 Bytes 50 GB
tiago.saramago@hotmail.com saramago 0 Bytes 50 GB
nanu_4_@hotmail.com nanufla21 0 Bytes 50 GB
jmloserra@gmail.com gaviota1 0 Bytes 50 GB
josgomezg@hotmail.com 6951Josg 0 Bytes 50 GB
baljaamight@yahoo.com baljaa31 0 Bytes 50 GB
minzy-199@hotmail.com haruhis2 0 Bytes 50 GB
yankeesatb56@aol.com nyit2014 0 Bytes 50 GB
guizim1994@hotmail.com guizim157 0 Bytes 50 GB
israel_esau_25@hotmail.com 1diciembre1999 0 Bytes 50 GB
hunny_hunny_mike@hotmail.com sare08623 0 Bytes 50 GB
kevdog16@live.com.au cardyboy 0 Bytes 50 GB
e2ure@hotmail.com alvarado02 0 Bytes 50 GB
brunomaiasantos@gmail.com bruno2412 0 Bytes 50 GB
juanseba_2008@hotmail.com quierounda2 0 Bytes 50 GB
jimmybill@gmail.com bjimmy11 0 Bytes 50 GB
flavia-grinberg@hotmail.com poynter123 0 Bytes 50 GB
corban1508@hotmail.com Aguilas1 0 Bytes 50 GB
matheusfferrari@hotmail.com 33713532 0 Bytes 50 GB
ariel.godino@gmail.com arirojo23 0 Bytes 50 GB
cristinalarumbe@gmail.com q1q2q1q2 0 Bytes 50 GB
eric.yipu.wang@gmail.com Wangyipu2001 0 Bytes 50 GB
marco10lider@gmail.com ma0307200 0 Bytes 50 GB
garner.tyler@gmail.com Movinmav33 0 Bytes 50 GB
kayliana22@hotmail.com kayharry1 0 Bytes 50 GB
meeklet@gmail.com alinka217 0 Bytes 50 GB
mcclaindave@hotmail.com steelers1 0 Bytes 50 GB
cahollow@gmail.com prjkt2501 0 Bytes 50 GB
spammy7@hotmail.com samantha7 0 Bytes 50 GB
liorv58@gmail.com 123456 0 Bytes 50 GB
arigatoster@gmail.com barabashka 0 Bytes 50 GB
clarasr@gmail.com sc8269 0 Bytes 50 GB
josanchezag@gmail.com josi1001 0 Bytes 50 GB
mathesys@aol.com 998411 0 Bytes 50 GB
gatorgirl0509@hotmail.com mason1234 0 Bytes 50 GB
denisbuzali@hotmail.com letbiggierap 0 Bytes 50 GB
jamiekennedy@live.com Rangers11 0 Bytes 50 GB
awatarmumu0@gmail.com 220890 0 Bytes 50 GB
lpayne2448@gmail.com laura10814 0 Bytes 50 GB
catempio@gmail.com c02071983 0 Bytes 50 GB
bdcranfill@gmail.com bdchad24 0 Bytes 50 GB
andhikayuu@gmail.com thevarm123123 0 Bytes 50 GB
jeminis_96@hotmail.com 72709285 0 Bytes 50 GB
avp0304@gmail.com flhtyfkby 0 Bytes 50 GB
geonovaprojects@gmail.com bantengterbang 0 Bytes 50 GB
genovesepablo@gmail.com amalgama88 0 Bytes 50 GB
javier_ortizo@hotmail.com bakugandarkus 0 Bytes 50 GB
fracarma1999@gmail.com stanlioolio 0 Bytes 50 GB
matheus_melo02@hotmail.com zacarias 0 Bytes 50 GB
almorep@yahoo.com 0101328351 0 Bytes 50 GB
iphonelogi@gmail.com carolina 0 Bytes 50 GB
catherinechen1009@hotmail.com chenyrcaisl81 0 Bytes 50 GB
walterquique@hotmail.com anita1987 0 Bytes 50 GB
haaai-@live.com 88430214 0 Bytes 50 GB
saulo_gui.ferreira@hotmail.com 957193957193 0 Bytes 50 GB
horwatich@gmail.com jmh666 0 Bytes 50 GB
jellybean.haynes@gmail.com jasmine2002 0 Bytes 50 GB
remco.overdevest@gmail.com cooi3877 0 Bytes 50 GB
matuterubi@hotmail.com surele14 0 Bytes 50 GB
khaled_banje@hotmail.com vesams 0 Bytes 50 GB
tartar-isedible_@hotmail.com donghae407! 0 Bytes 50 GB
nerdylicious35@hotmail.com emolicious 0 Bytes 50 GB
mdm031975@gmail.com 27md75 0 Bytes 50 GB
sahwan73@gmail.com zainabbas3 0 Bytes 50 GB
joyceyzang@gmail.com skulls666 0 Bytes 50 GB
craigstewartis@gmail.com suitable 0 Bytes 50 GB
jespergrann@live.com jesper94 0 Bytes 50 GB
dieggo92@gmail.com dieggo1992 0 Bytes 50 GB
rudolfwardanjan@hotmail.com 3p2diezx 0 Bytes 50 GB
ar.camila@gmail.com antares 0 Bytes 50 GB
onestim1@gmail.com 14365522 0 Bytes 30 GB
moa123taz@yahoo.com Ahm123ed 0 Bytes 50 GB
theionized@gmail.com 8001766 0 Bytes 50 GB
brandonadrielcastropren@gmail.com hola12345 0 Bytes 15 GB
wiger_13@hotmail.com gigliop001 0 Bytes 15 GB
arhulop@gmail.com haru4648 0 Bytes 15 GB
dimashuralev@gmail.com 14784056588 0 Bytes 15 GB
ivantai_1994@hotmail.com 12369874 0 Bytes 15 GB
kurt_cobain_129@hotmail.com THEKOURT 0 Bytes 50 GB
13nodi@gmail.com andrea69 0 Bytes 15 GB
forresthess@yahoo.com darknight1 0 Bytes 15 GB
mymint_jinta@hotmail.com 044220922 0 Bytes 15 GB
humbertocanilhas@hotmail.com lucamar12 0 Bytes 15 GB
rockojv@hotmail.com villaizan 0 Bytes 50 GB
luyza_fashion@hotmail.com 22062000 0 Bytes 50 GB
robson.rodrigo.andrade@gmail.com 19821510 0 Bytes 50 GB
huisakuraflower@hotmail.com 39bvqdtj 0 Bytes 50 GB
tiago.saramago@hotmail.com saramago 0 Bytes 50 GB
nanu_4_@hotmail.com nanufla21 0 Bytes 50 GB
jmloserra@gmail.com gaviota1 0 Bytes 50 GB
josgomezg@hotmail.com 6951Josg 0 Bytes 50 GB
baljaamight@yahoo.com baljaa31 0 Bytes 50 GB
minzy-199@hotmail.com haruhis2 0 Bytes 50 GB
yankeesatb56@aol.com nyit2014 0 Bytes 50 GB
guizim1994@hotmail.com guizim157 0 Bytes 50 GB
israel_esau_25@hotmail.com 1diciembre1999 0 Bytes 50 GB
hunny_hunny_mike@hotmail.com sare08623 0 Bytes 50 GB
kevdog16@live.com.au cardyboy 0 Bytes 50 GB
e2ure@hotmail.com alvarado02 0 Bytes 50 GB
brunomaiasantos@gmail.com bruno2412 0 Bytes 50 GB
juanseba_2008@hotmail.com quierounda2 0 Bytes 50 GB
jimmybill@gmail.com bjimmy11 0 Bytes 50 GB
flavia-grinberg@hotmail.com poynter123 0 Bytes 50 GB
corban1508@hotmail.com Aguilas1 0 Bytes 50 GB
matheusfferrari@hotmail.com 33713532 0 Bytes 50 GB
ariel.godino@gmail.com arirojo23 0 Bytes 50 GB
cristinalarumbe@gmail.com q1q2q1q2 0 Bytes 50 GB
eric.yipu.wang@gmail.com Wangyipu2001 0 Bytes 50 GB
marco10lider@gmail.com ma0307200 0 Bytes 50 GB
garner.tyler@gmail.com Movinmav33 0 Bytes 50 GB
kayliana22@hotmail.com kayharry1 0 Bytes 50 GB
meeklet@gmail.com alinka217 0 Bytes 50 GB
mcclaindave@hotmail.com steelers1 0 Bytes 50 GB
cahollow@gmail.com prjkt2501 0 Bytes 50 GB
spammy7@hotmail.com samantha7 0 Bytes 50 GB
liorv58@gmail.com 123456 0 Bytes 50 GB
arigatoster@gmail.com barabashka 0 Bytes 50 GB
clarasr@gmail.com sc8269 0 Bytes 50 GB
josanchezag@gmail.com josi1001 0 Bytes 50 GB
mathesys@aol.com 998411 0 Bytes 50 GB
gatorgirl0509@hotmail.com mason1234 0 Bytes 50 GB
denisbuzali@hotmail.com letbiggierap 0 Bytes 50 GB
jamiekennedy@live.com Rangers11 0 Bytes 50 GB
awatarmumu0@gmail.com 220890 0 Bytes 50 GB
lpayne2448@gmail.com laura10814 0 Bytes 50 GB
catempio@gmail.com c02071983 0 Bytes 50 GB
bdcranfill@gmail.com bdchad24 0 Bytes 50 GB
andhikayuu@gmail.com thevarm123123 0 Bytes 50 GB
jeminis_96@hotmail.com 72709285 0 Bytes 50 GB
avp0304@gmail.com flhtyfkby 0 Bytes 50 GB
geonovaprojects@gmail.com bantengterbang 0 Bytes 50 GB
genovesepablo@gmail.com amalgama88 0 Bytes 50 GB
javier_ortizo@hotmail.com bakugandarkus 0 Bytes 50 GB
fracarma1999@gmail.com stanlioolio 0 Bytes 50 GB
matheus_melo02@hotmail.com zacarias 0 Bytes 50 GB
almorep@yahoo.com 0101328351 0 Bytes 50 GB
iphonelogi@gmail.com carolina 0 Bytes 50 GB
catherinechen1009@hotmail.com chenyrcaisl81 0 Bytes 50 GB
walterquique@hotmail.com anita1987 0 Bytes 50 GB
haaai-@live.com 88430214 0 Bytes 50 GB
saulo_gui.ferreira@hotmail.com 957193957193 0 Bytes 50 GB
horwatich@gmail.com jmh666 0 Bytes 50 GB
jellybean.haynes@gmail.com jasmine2002 0 Bytes 50 GB
remco.overdevest@gmail.com cooi3877 0 Bytes 50 GB
matuterubi@hotmail.com surele14 0 Bytes 50 GB
khaled_banje@hotmail.com vesams 0 Bytes 50 GB
tartar-isedible_@hotmail.com donghae407! 0 Bytes 50 GB
nerdylicious35@hotmail.com emolicious 0 Bytes 50 GB
mdm031975@gmail.com 27md75 0 Bytes 50 GB
sahwan73@gmail.com zainabbas3 0 Bytes 50 GB
joyceyzang@gmail.com skulls666 0 Bytes 50 GB
craigstewartis@gmail.com suitable 0 Bytes 50 GB
jespergrann@live.com jesper94 0 Bytes 50 GB
dieggo92@gmail.com dieggo1992 0 Bytes 50 GB
rudolfwardanjan@hotmail.com 3p2diezx 0 Bytes 50 GB
ar.camila@gmail.com antares 0 Bytes 50 GB
onestim1@gmail.com 14365522 0 Bytes 30 GB
moa123taz@yahoo.com Ahm123ed 0 Bytes 50 GB
theionized@gmail.com 8001766 0 Bytes 50 GB
brandonadrielcastropren@gmail.com hola12345 0 Bytes 15 GB
wiger_13@hotmail.com gigliop001 0 Bytes 15 GB
arhulop@gmail.com haru4648 0 Bytes 15 GB
dimashuralev@gmail.com 14784056588 0 Bytes 15 GB
ivantai_1994@hotmail.com 12369874 0 Bytes 15 GB
kurt_cobain_129@hotmail.com THEKOURT 0 Bytes 50 GB
13nodi@gmail.com andrea69 0 Bytes 15 GB
forresthess@yahoo.com darknight1 0 Bytes 15 GB
mymint_jinta@hotmail.com 044220922 0 Bytes 15 GB
humbertocanilhas@hotmail.com lucamar12 0 Bytes 15 GB
marco.ste.eejgl@gmail.com vitoria2 0 Bytes 15 GB
pgavilanez@hotmail.com pgavilanez 0 Bytes 15 GB
aveni.maranha@gmail.com chico123 0 Bytes 15 GB
grazielaschiehl@hotmail.com graziela_10 0 Bytes 15 GB
elvisronkalj85@gmail.com Doodgers 0 Bytes 15 GB
josephsolomon946@yahoo.com Fool4jesus 0 Bytes 15 GB
eu_entitate@yahoo.com chandani 0 Bytes 15 GB
heredia.emanuel@gmail.com emanuel5 0 Bytes 15 GB
serdemm809@gmail.com se985423 0 Bytes 15 GB
diegolostlt@gmail.com rockband2 0 Bytes 15 GB
begadh@gmail.com paiman84 0 Bytes 15 GB
vsoares0506@gmail.com vi050691 0 Bytes 15 GB
sydneyvon@hotmail.com qwertyui1 0 Bytes 50 GB
douglas_santos16@hotmail.com doug040491 0 Bytes 15 GB
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
pgavilanez@hotmail.com pgavilanez 0 Bytes 15 GB
aveni.maranha@gmail.com chico123 0 Bytes 15 GB
grazielaschiehl@hotmail.com graziela_10 0 Bytes 15 GB
elvisronkalj85@gmail.com Doodgers 0 Bytes 15 GB
josephsolomon946@yahoo.com Fool4jesus 0 Bytes 15 GB
eu_entitate@yahoo.com chandani 0 Bytes 15 GB
heredia.emanuel@gmail.com emanuel5 0 Bytes 15 GB
serdemm809@gmail.com se985423 0 Bytes 15 GB
diegolostlt@gmail.com rockband2 0 Bytes 15 GB
begadh@gmail.com paiman84 0 Bytes 15 GB
vsoares0506@gmail.com vi050691 0 Bytes 15 GB
sydneyvon@hotmail.com qwertyui1 0 Bytes 50 GB
douglas_santos16@hotmail.com doug040491 0 Bytes 15 GB
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑2020 update> A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security. T.me/UndercodeTesting
> https://github.com/sundowndev/hacker-roadmap
AND
🦑 Some vocabulary :
Infosec: Information security, which is the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information. The information or data may take any form, e.g. electronic or physical. Infosec can also be a person who practices ethical security. Wikipedia
Opsec: Operations security, which is a process that identifies critical information to determine if friendly actions can be observed by enemy intelligence, determines if information obtained by adversaries could be interpreted to be useful to them, and then executes selected measures that eliminate or reduce adversary exploitation of friendly critical information. Wikipedia
Black/grey/white hat hacker: Someone who uses bugs or exploits to break into systems or applications. The goal and the method differs depending if they're a black, grey or white hat hacker. A black hat is just someone malicious that does not wait permission to break into a system or application. A white hat is usually a security researcher who practice ethical hacking. A grey hat is just in the middle of these two kind of hackers, they might want to be malicious if it can be benefit (data breach, money, whistleblowing ...).
Red team: According to Wikipedia, a red team or the red team is an independent group that challenges an organization to improve its effectiveness by assuming an adversarial role or point of view. It is particularly effective in organizations with strong cultures and fixed ways of approaching problems. The United States intelligence community (military and civilian) has red teams that explore alternative futures and write articles as if they were foreign world leaders. Little formal doctrine or publications about Red Teaming in the military exist. In infosec exercises, Red teamers are playing the role of attackers. Wikipedia
Blue team: A blue team is a group of individuals who perform an analysis of information systems to ensure security, identify security flaws, verify the effectiveness of each security measure, and to make certain all security measures will continue to be effective after implementation. As a result, blue teams were developed to design defensive measures against red team activities. In infosec exercises, Blue teamers are playing the role of defenders. Wikipedia
Penetration tester: An ethical hacker who practices security, tests applications and systems to prevent intrusions or find vulnerabilities.
Security researcher: Someone who practices pen testing and browses the web to find phishing/fake websites, infected servers, bugs or vulnerabilities. They can work for a company as a security consultant and are most likely a Blue teamer.
Reverse engineering: Reverse engineering, also called back engineering, is the process by which a man-made object is deconstructed to reveal its designs, architecture, or to extract knowledge from the object. Similar to scientific research, the only difference being that scientific research is about a natural phenomenon. Wikipedia
Social engineering: In the context of information security, it refers to psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme. The term "social engineering" as an act of psychological manipulation of a human, is also associated with the social sciences, but its usage has caught on among computer and information security professionals. Wikipedia
🦑2020 update> A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security. T.me/UndercodeTesting
> https://github.com/sundowndev/hacker-roadmap
AND
🦑 Some vocabulary :
Infosec: Information security, which is the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information. The information or data may take any form, e.g. electronic or physical. Infosec can also be a person who practices ethical security. Wikipedia
Opsec: Operations security, which is a process that identifies critical information to determine if friendly actions can be observed by enemy intelligence, determines if information obtained by adversaries could be interpreted to be useful to them, and then executes selected measures that eliminate or reduce adversary exploitation of friendly critical information. Wikipedia
Black/grey/white hat hacker: Someone who uses bugs or exploits to break into systems or applications. The goal and the method differs depending if they're a black, grey or white hat hacker. A black hat is just someone malicious that does not wait permission to break into a system or application. A white hat is usually a security researcher who practice ethical hacking. A grey hat is just in the middle of these two kind of hackers, they might want to be malicious if it can be benefit (data breach, money, whistleblowing ...).
Red team: According to Wikipedia, a red team or the red team is an independent group that challenges an organization to improve its effectiveness by assuming an adversarial role or point of view. It is particularly effective in organizations with strong cultures and fixed ways of approaching problems. The United States intelligence community (military and civilian) has red teams that explore alternative futures and write articles as if they were foreign world leaders. Little formal doctrine or publications about Red Teaming in the military exist. In infosec exercises, Red teamers are playing the role of attackers. Wikipedia
Blue team: A blue team is a group of individuals who perform an analysis of information systems to ensure security, identify security flaws, verify the effectiveness of each security measure, and to make certain all security measures will continue to be effective after implementation. As a result, blue teams were developed to design defensive measures against red team activities. In infosec exercises, Blue teamers are playing the role of defenders. Wikipedia
Penetration tester: An ethical hacker who practices security, tests applications and systems to prevent intrusions or find vulnerabilities.
Security researcher: Someone who practices pen testing and browses the web to find phishing/fake websites, infected servers, bugs or vulnerabilities. They can work for a company as a security consultant and are most likely a Blue teamer.
Reverse engineering: Reverse engineering, also called back engineering, is the process by which a man-made object is deconstructed to reveal its designs, architecture, or to extract knowledge from the object. Similar to scientific research, the only difference being that scientific research is about a natural phenomenon. Wikipedia
Social engineering: In the context of information security, it refers to psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme. The term "social engineering" as an act of psychological manipulation of a human, is also associated with the social sciences, but its usage has caught on among computer and information security professionals. Wikipedia
Threat analyst: A threat hunter, also called a cybersecurity threat analyst, is a security professional or managed service provider (MSP) that proactively uses manual or machine-assisted techniques to detect security incidents that may elude the grasp of automated systems. Threat hunters aim to uncover incidents that an enterprise would otherwise not find out about, providing chief information security officers (CISOs) and chief information officers (CIOs) with an additional line of defense against advanced persistent threats (APTs). SearchCIO
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑Input method class-xsim installation
My system is redhat7.3 KDE3.0.0-10, there is a very poor input after the system is successfully installed Method-minichinput, I heard that xsim can be comparable to the Ziguang input method, so I downloaded one: http://developer.berlios.de/projects/xsim/
1. Uninstall the original minichinput
rpm -e chinput
2. Install xsim
. / configure --with-cn-locale = GB2312 --enable-status-kde3
make
make install
make install-data
Third, the configuration file
1, run locale chooser, change the locale to zh_CN.
2, vi / usr / local / xsim / xsimrc
XIM Locale "zh_CN" (modified value)
4. Let the system automatically run xsim
vi every time after startup ~ / .bash_profile
Add this line:
export XMODIFIERS = @ im = XSIM
log in to xwindows again, you can use ctrl + space Dropping out of the input method is really great!
written by undercode
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑Input method class-xsim installation
My system is redhat7.3 KDE3.0.0-10, there is a very poor input after the system is successfully installed Method-minichinput, I heard that xsim can be comparable to the Ziguang input method, so I downloaded one: http://developer.berlios.de/projects/xsim/
1. Uninstall the original minichinput
rpm -e chinput
2. Install xsim
. / configure --with-cn-locale = GB2312 --enable-status-kde3
make
make install
make install-data
Third, the configuration file
1, run locale chooser, change the locale to zh_CN.
2, vi / usr / local / xsim / xsimrc
XIM Locale "zh_CN" (modified value)
4. Let the system automatically run xsim
vi every time after startup ~ / .bash_profile
Add this line:
export XMODIFIERS = @ im = XSIM
log in to xwindows again, you can use ctrl + space Dropping out of the input method is really great!
written by undercode
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑One way to solve the increasing expansion of the Apache log file ACCESS.LOG:
Change the CustomLog logs / access.log common in httpd.conf to CustomLog "| c: / apache / bin / rotatelogs c: /apache/logs/%Y_%m_%d.access.log 86400 480" common
restart Apache
where c : / apache / is
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑One way to solve the increasing expansion of the Apache log file ACCESS.LOG:
Change the CustomLog logs / access.log common in httpd.conf to CustomLog "| c: / apache / bin / rotatelogs c: /apache/logs/%Y_%m_%d.access.log 86400 480" common
restart Apache
where c : / apache / is
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑 About APACHE configuration file httpd.conf [transfer] (two)#ExtendedStatus On <br> The
> Apache server can report its own running status through special HTTP requests. Turning on this <br>
ExtendedStatus parameter allows the server to report more comprehensive running status information. <br>
Main server settings <br> The
> Apache server requires various settings to define its own use of various parameters to provide Web services. For the case of using a virtual host, in addition to the settings covered in the definition item of the virtual host (some settings must be redefined), the settings here are also the default settings of the virtual host. <br>
Port 80 <br>
🦑 About APACHE configuration file httpd.conf [transfer] (two)#ExtendedStatus On <br> The
> Apache server can report its own running status through special HTTP requests. Turning on this <br>
ExtendedStatus parameter allows the server to report more comprehensive running status information. <br>
Main server settings <br> The
> Apache server requires various settings to define its own use of various parameters to provide Web services. For the case of using a virtual host, in addition to the settings covered in the definition item of the virtual host (some settings must be redefined), the settings here are also the default settings of the virtual host. <br>
Port 80 <br>
🦑 Port defines the port used by the httpd daemon in Standalone mode. The standard port is 80. This option is only valid for the server started in independent mode. For the server started in inetd mode, define which port to use in inetd.conf. <br>
> Using port 80 under Unix requires root privileges. For security reasons, some administrators believe that the httpd server is unlikely to be free of security holes, so they are more willing to use normal user rights to start the server, so that port 80 and other If the port is less than 1024, you must use a port greater than 1024 to start httpd. Generally, 8000 or 8080 is also a commonly used port. The Apache httpd server itself can be changed to a normal user status after opening port 80 with root privileges, which reduces the risk, so there is no need to consider this security issue. But if ordinary users also want to install and configure their own WWW server, then they have to use ports larger than 1024. <br>
User nobody <br>
Group nogroup <br>
> User and Group configuration is Apache's security guarantee. After opening the port, Apache will set itself as the user and group permissions set by these two options to run, which reduces the risk of the server. This option is also only used in Standalone mode. Inetd mode specifies the user who runs Apache in inetd.conf. Since the server must perform setuid () to change the identity, the initial process should have root privileges. If a non-root user is used to start Aapche, this configuration will not work. <br> The
> default settings are nobody and nogroup. This user and group do not own files in the system, ensuring that the server itself and the CGI process started by it do not have permission to change the file system. In some cases, for example, in order to run CGI to interact with Unix, the server also needs to access the files on the server. If nobody and nogroup are still used, files belonging to nobody will appear in the system, which is detrimental to system security. Because other programs will also perform certain operations with the permissions of nobody and nogroup, it is possible to access files owned by these nobody, causing security problems. Generally, a specific user and group must be set for the Web service, and the user and group settings are changed here. <br>
> ServerAdmin you@your.address <br>
The only thing that should be changed in the configuration file is only ServerAdmin. This item is used to configure the email address of the administrator of the WWW server. This will be returned to the browser under the condition of HTTP service errors. To allow web users to contact the administrator to report errors. It is customary to use the webmaster on the server as the administrator of the WWW server, and send the email sent to the webmaster to the real web administrator through the alias mechanism of the mail server. <br>
🦑 #ServerName new.host.name <br>
By default, it is not necessary to specify the ServerName parameter, the server will automatically
obtain its name through the name resolution process, but if the server name resolution is problematic (usually reverse resolution is not <br>
correct) , Or no official DNS name, you can also specify the IP address here. When the ServerName setting
is not correct, the server cannot start normally. <br>
> Using port 80 under Unix requires root privileges. For security reasons, some administrators believe that the httpd server is unlikely to be free of security holes, so they are more willing to use normal user rights to start the server, so that port 80 and other If the port is less than 1024, you must use a port greater than 1024 to start httpd. Generally, 8000 or 8080 is also a commonly used port. The Apache httpd server itself can be changed to a normal user status after opening port 80 with root privileges, which reduces the risk, so there is no need to consider this security issue. But if ordinary users also want to install and configure their own WWW server, then they have to use ports larger than 1024. <br>
User nobody <br>
Group nogroup <br>
> User and Group configuration is Apache's security guarantee. After opening the port, Apache will set itself as the user and group permissions set by these two options to run, which reduces the risk of the server. This option is also only used in Standalone mode. Inetd mode specifies the user who runs Apache in inetd.conf. Since the server must perform setuid () to change the identity, the initial process should have root privileges. If a non-root user is used to start Aapche, this configuration will not work. <br> The
> default settings are nobody and nogroup. This user and group do not own files in the system, ensuring that the server itself and the CGI process started by it do not have permission to change the file system. In some cases, for example, in order to run CGI to interact with Unix, the server also needs to access the files on the server. If nobody and nogroup are still used, files belonging to nobody will appear in the system, which is detrimental to system security. Because other programs will also perform certain operations with the permissions of nobody and nogroup, it is possible to access files owned by these nobody, causing security problems. Generally, a specific user and group must be set for the Web service, and the user and group settings are changed here. <br>
> ServerAdmin you@your.address <br>
The only thing that should be changed in the configuration file is only ServerAdmin. This item is used to configure the email address of the administrator of the WWW server. This will be returned to the browser under the condition of HTTP service errors. To allow web users to contact the administrator to report errors. It is customary to use the webmaster on the server as the administrator of the WWW server, and send the email sent to the webmaster to the real web administrator through the alias mechanism of the mail server. <br>
🦑 #ServerName new.host.name <br>
By default, it is not necessary to specify the ServerName parameter, the server will automatically
obtain its name through the name resolution process, but if the server name resolution is problematic (usually reverse resolution is not <br>
correct) , Or no official DNS name, you can also specify the IP address here. When the ServerName setting
is not correct, the server cannot start normally. <br>
Normally a Web server can have multiple names, and the client browser can use all these names or IP addresses to access this server, but in the case of no virtual host defined, the server always responds to the browser with its own official name Device. ServerName defines the official name recognized by the Web server itself. For example, a server name (type A is defined in DNS) is exmaple.org.cn, and an alias (CNAME record) is defined as www.exmaple for the sake of memory .org.cn, then the name automatically resolved by Apache is example.org.cn, so that no matter what name the client browser uses to send the request, the server always tells the client program that it is example.org.cn. Although this generally does not cause any problems, considering that one day the server may be migrated to another computer, and only want to complete the migration task by changing the www alias configuration in DNS, so do not want customers to use Linux records in their bookmark Under the address of this server, you must use ServerName to reassign the official name of the server. <br>
DocumentRoot & quot; / www / & quot; <br>
DocumentRoot defines the storage path of the hypertext documents published by this server, and the URL requested by the client program is mapped to the web page file in this directory. Subdirectories under this directory, and use <br>
The files and directories indicated by the symbolic link can be accessed by the browser, but the same relative directory name must be used on the URL. <br>
Note that although the symbolic link is logically located under the root document directory, it can actually be located
in any directory on the computer <br> , so that client programs can access directories outside those root document directories.
While increasing flexibility but reducing security. Apache provides the FollowSymLinks option in the directory access control to turn on or off the feature that supports symbolic links. <br>
Options FollowSymLinks <br>
AllowOverride None <br> The
Apache server can perform document access control for directories, but access control can be achieved through two <br>
ways, one is in the settings file httpd.conf (or access. conf) for each
directory <br> settings, another method is to set the access control file in each directory, usually the
name of the access control file <br> . htaccess. Although both methods can be used to control browser access, the method of using the configuration file requires restarting the httpd daemon after each change, which is relatively inflexible, so it is mainly used to configure the overall security control strategy of the server system, It is more flexible and convenient to use the .htaccess file in each directory to set the access control of specific directories. <br> The
Directory statement is used to define the access restrictions of the directory. Here you can see its standard syntax to define the access restrictions for a directory. The setting in the above example is for the root directory of the system, the option to allow symbolic links FollowSymLinks is set, and the use of AllowOverride None means that access control files in this directory are not allowed to change the configuration made here, which also means that there is no need to view The corresponding access control file in this directory. <br>
DocumentRoot & quot; / www / & quot; <br>
DocumentRoot defines the storage path of the hypertext documents published by this server, and the URL requested by the client program is mapped to the web page file in this directory. Subdirectories under this directory, and use <br>
The files and directories indicated by the symbolic link can be accessed by the browser, but the same relative directory name must be used on the URL. <br>
Note that although the symbolic link is logically located under the root document directory, it can actually be located
in any directory on the computer <br> , so that client programs can access directories outside those root document directories.
While increasing flexibility but reducing security. Apache provides the FollowSymLinks option in the directory access control to turn on or off the feature that supports symbolic links. <br>
Options FollowSymLinks <br>
AllowOverride None <br> The
Apache server can perform document access control for directories, but access control can be achieved through two <br>
ways, one is in the settings file httpd.conf (or access. conf) for each
directory <br> settings, another method is to set the access control file in each directory, usually the
name of the access control file <br> . htaccess. Although both methods can be used to control browser access, the method of using the configuration file requires restarting the httpd daemon after each change, which is relatively inflexible, so it is mainly used to configure the overall security control strategy of the server system, It is more flexible and convenient to use the .htaccess file in each directory to set the access control of specific directories. <br> The
Directory statement is used to define the access restrictions of the directory. Here you can see its standard syntax to define the access restrictions for a directory. The setting in the above example is for the root directory of the system, the option to allow symbolic links FollowSymLinks is set, and the use of AllowOverride None means that access control files in this directory are not allowed to change the configuration made here, which also means that there is no need to view The corresponding access control file in this directory. <br>
The setting of the root directory will affect its subordinate directories. Note that due to the setting of AllowOverride None, the
Apache server does not need to view the access control files in the root directory, nor does it need to view the access control files in the following levels <br>
until httpd.conf (or access .conf) has specified <br>
Alloworride for a directory , that is, it allows viewing access control files. Since Apache adopts the inheritance method for directory access control, if access control files are allowed to be viewed from the root directory, then Apache must view access control files level by level, which will affect system performance. By default, this feature of the root directory is turned off, which makes Apache search downward from the directory specified in httpd.conf, reducing the number of search levels and increasing system performance. Therefore, setting AllowOverride None for the system root directory is not only helpful to system security, but also beneficial to system performance. <br>
Options Indexes FollowSymLinks <br>
AllowOverride None <br>
Order allow, deny <br>
Allow from all <br>
Apache server does not need to view the access control files in the root directory, nor does it need to view the access control files in the following levels <br>
until httpd.conf (or access .conf) has specified <br>
Alloworride for a directory , that is, it allows viewing access control files. Since Apache adopts the inheritance method for directory access control, if access control files are allowed to be viewed from the root directory, then Apache must view access control files level by level, which will affect system performance. By default, this feature of the root directory is turned off, which makes Apache search downward from the directory specified in httpd.conf, reducing the number of search levels and increasing system performance. Therefore, setting AllowOverride None for the system root directory is not only helpful to system security, but also beneficial to system performance. <br>
Options Indexes FollowSymLinks <br>
AllowOverride None <br>
Order allow, deny <br>
Allow from all <br>
🦑 The definition here is the access settings for the directory where the system publishes documents. Set different AllowOverride options to define the configuration The relationship between the directory settings in the file and the security control files in the user directory, and the Options option is used to define the characteristics of the directory. <br> The
🦑 configuration file and the access control file in each directory can set access restrictions. The setting file is set by the
administrator, and the access control file in each directory is set by the owner of the directory. So manage <br>
You can specify whether the owner of the directory can override the system settings in the settings file. This requires setting using the AllowOverride parameter. The values that can usually be set are: <br>
AllowOverride settings for each directory access control file Affects the <br>
All default value, so that the access control file can override the system configuration. <br>
None The server ignores the setting of the access control file. <br>
Options Allows options in the access control file to define the directory using the Options parameter. <br>
FileInfo allows You can use AddType and other parameter settings in the access control file. <br>
AuthConfig allows the access control file to use AuthName, AuthType, and other authentication mechanisms for each user. This allows the owner of the directory to protect the directory with a password and username. Limit allows access to the directory IP addresses and names of clients are restricted. <br>
Each directory has certain attributes. You can use Options to control some access feature settings under this directory. The following are commonly used feature options: <br>
Options Set Server Feature Settings < br>
All all directory features are valid, this is the default state <br>
None All directory features are invalid <br>
FollowSymLinks allows the use of symbolic links, which will make it possible for browsers to access documents outside the document root directory (DocumentRoot) To allow access, this setting will add some security <br>
ExecCGI allows CGI programs to be executed in this directory Indexes Allows the browser to generate an index of all files in this directory, so that when there is no index.html (or other index files) in this directory, files in this directory can be sent to the browser List <br>
In addition, the above example also uses Order, Allow, Deny and other parameters, which is a way to control access based on the browser domain name and IP address in the Limit statement. Order defines the order of processing Allow and Deny, while Allow and Deny set access control settings for names or IPs. The above example uses allowfrom all to indicate that all clients are allowed to access this directory without any restrictions. <br>
UserDir public_html <br>
When running an Apache server on a Linux, all users on this computer can have their own web page path, like http://example.org.cn/~user, use The tilde plus the user name can be mapped to the user's own web directory. The mapping directory is a subdirectory under the user's personal home directory, and its name is defined by the UseDir parameter, which defaults to public_html. If you do not want to provide web services for formal users, use DISABLED as the parameter of UserDir. <br>
# <br>
# AllowOverride FileInfo AuthConfig Limit <br>
# Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec <br>
# <br>
# Order allow, deny <br>
# Allow from all <br>
🦑 configuration file and the access control file in each directory can set access restrictions. The setting file is set by the
administrator, and the access control file in each directory is set by the owner of the directory. So manage <br>
You can specify whether the owner of the directory can override the system settings in the settings file. This requires setting using the AllowOverride parameter. The values that can usually be set are: <br>
AllowOverride settings for each directory access control file Affects the <br>
All default value, so that the access control file can override the system configuration. <br>
None The server ignores the setting of the access control file. <br>
Options Allows options in the access control file to define the directory using the Options parameter. <br>
FileInfo allows You can use AddType and other parameter settings in the access control file. <br>
AuthConfig allows the access control file to use AuthName, AuthType, and other authentication mechanisms for each user. This allows the owner of the directory to protect the directory with a password and username. Limit allows access to the directory IP addresses and names of clients are restricted. <br>
Each directory has certain attributes. You can use Options to control some access feature settings under this directory. The following are commonly used feature options: <br>
Options Set Server Feature Settings < br>
All all directory features are valid, this is the default state <br>
None All directory features are invalid <br>
FollowSymLinks allows the use of symbolic links, which will make it possible for browsers to access documents outside the document root directory (DocumentRoot) To allow access, this setting will add some security <br>
ExecCGI allows CGI programs to be executed in this directory Indexes Allows the browser to generate an index of all files in this directory, so that when there is no index.html (or other index files) in this directory, files in this directory can be sent to the browser List <br>
In addition, the above example also uses Order, Allow, Deny and other parameters, which is a way to control access based on the browser domain name and IP address in the Limit statement. Order defines the order of processing Allow and Deny, while Allow and Deny set access control settings for names or IPs. The above example uses allowfrom all to indicate that all clients are allowed to access this directory without any restrictions. <br>
UserDir public_html <br>
When running an Apache server on a Linux, all users on this computer can have their own web page path, like http://example.org.cn/~user, use The tilde plus the user name can be mapped to the user's own web directory. The mapping directory is a subdirectory under the user's personal home directory, and its name is defined by the UseDir parameter, which defaults to public_html. If you do not want to provide web services for formal users, use DISABLED as the parameter of UserDir. <br>
# <br>
# AllowOverride FileInfo AuthConfig Limit <br>
# Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec <br>
# <br>
# Order allow, deny <br>
# Allow from all <br>
# <br>
# Order deny, allow <br>
# Deny from all <br>
# <br>
# <br>
Here you can see another usage of Directory, that is, you can use a simple pattern matching method to target different distributions. Sub-directories under the directory define access control permissions. This setting requires the Apache server to perform additional processing on each path, which will reduce the performance of the server, so this access restriction is not turned on by default. <br>
You can see another statement Limit here. The Limit statement is used to set access control for specific request methods. Among them, you can use the request methods supported by various servers such as GET and POST to set Limit parameters to set Limit access to different request methods. Generally, you can open the three request methods for GET, POST, and HEAD, and block other request methods to increase security. In the Limit statement, you can use Order, Allow, Deny, Allow and Deny can use the matching method to limit the domain name and IP, but the domain name is matched from front to back, and the IP address is matched from front to back. <br>
DirectoryIndex index.html <br>
In many cases, the URL does not specify the name of the document, but only gives a directory name. Then the Apache server will automatically return the files defined by DirectoryIndex in this directory. Of course, you can specify multiple file names, and the system will search sequentially in this directory. When all the files specified by DirectoryIndex do not exist, the Apache server can generate a list of all files in this directory according to the system settings to provide users with options. At this time, the Indexes option (Options Indexes) in the access control options of the directory must be turned on to enable the server to generate a directory list, otherwise Apache will deny access. <br>
AccessFileName .htaccess <br>
> AccessFileName defines the file name of the access control file in each directory. The default is .htaccess. You can change the access control restrictions of different directories by changing this file. <br>
Order allow, deny <br>
Deny from all <br>
> In addition to access control for directories, you can also set access control based on files, which
is the task of File statements. Using the File statement, no matter which directory the file is in, as long as the name matches, you must accept the corresponding access control. This statement is more important for system security. For example, the above example will block all users from accessing the .htaccess file, so as to prevent the key security information in .htaccess from being obtained by customers. <br>
#chmod acheNegotiatedDocs <br> By
default, if the proxy server and the Apache server negotiate whether to cache their web pages, Apache gives a
negative answer to <br> and does not want their web pages to be cached by the proxy server. However, this can not effectively use the advantages of the proxy server, so you can set the CacheNegotiatieDocs option, so that the proxy server can cache web pages. However, even if this option is not set, some proxy servers (or by adjusting the settings) can also cache web pages. <br>
UseCanonicalName On <br>
Turning on UseCanonicalName is a standard practice for Web servers, because most of the requests sent by customers are references to this server, so that the server can use the settings of ServerName and Port options to build a complete URL and respond to the customer so that the browser can Canonical URL. If this parameter is set to Off, Apache will use the server name and port value obtained from the client request (the client supporting HTTP 1.1 will have this information) and rebuild the URL. <br>
TypesConfig /usr/local/apache/etc/mime.types <br>
TypeConfig is used to set the file name that holds different MIME type data, the default setting under Linux is / usr / local / apache / etc / mime.types. <br>
DefaultType text / plain <br>
# Order deny, allow <br>
# Deny from all <br>
# <br>
# <br>
Here you can see another usage of Directory, that is, you can use a simple pattern matching method to target different distributions. Sub-directories under the directory define access control permissions. This setting requires the Apache server to perform additional processing on each path, which will reduce the performance of the server, so this access restriction is not turned on by default. <br>
You can see another statement Limit here. The Limit statement is used to set access control for specific request methods. Among them, you can use the request methods supported by various servers such as GET and POST to set Limit parameters to set Limit access to different request methods. Generally, you can open the three request methods for GET, POST, and HEAD, and block other request methods to increase security. In the Limit statement, you can use Order, Allow, Deny, Allow and Deny can use the matching method to limit the domain name and IP, but the domain name is matched from front to back, and the IP address is matched from front to back. <br>
DirectoryIndex index.html <br>
In many cases, the URL does not specify the name of the document, but only gives a directory name. Then the Apache server will automatically return the files defined by DirectoryIndex in this directory. Of course, you can specify multiple file names, and the system will search sequentially in this directory. When all the files specified by DirectoryIndex do not exist, the Apache server can generate a list of all files in this directory according to the system settings to provide users with options. At this time, the Indexes option (Options Indexes) in the access control options of the directory must be turned on to enable the server to generate a directory list, otherwise Apache will deny access. <br>
AccessFileName .htaccess <br>
> AccessFileName defines the file name of the access control file in each directory. The default is .htaccess. You can change the access control restrictions of different directories by changing this file. <br>
Order allow, deny <br>
Deny from all <br>
> In addition to access control for directories, you can also set access control based on files, which
is the task of File statements. Using the File statement, no matter which directory the file is in, as long as the name matches, you must accept the corresponding access control. This statement is more important for system security. For example, the above example will block all users from accessing the .htaccess file, so as to prevent the key security information in .htaccess from being obtained by customers. <br>
#chmod acheNegotiatedDocs <br> By
default, if the proxy server and the Apache server negotiate whether to cache their web pages, Apache gives a
negative answer to <br> and does not want their web pages to be cached by the proxy server. However, this can not effectively use the advantages of the proxy server, so you can set the CacheNegotiatieDocs option, so that the proxy server can cache web pages. However, even if this option is not set, some proxy servers (or by adjusting the settings) can also cache web pages. <br>
UseCanonicalName On <br>
Turning on UseCanonicalName is a standard practice for Web servers, because most of the requests sent by customers are references to this server, so that the server can use the settings of ServerName and Port options to build a complete URL and respond to the customer so that the browser can Canonical URL. If this parameter is set to Off, Apache will use the server name and port value obtained from the client request (the client supporting HTTP 1.1 will have this information) and rebuild the URL. <br>
TypesConfig /usr/local/apache/etc/mime.types <br>
TypeConfig is used to set the file name that holds different MIME type data, the default setting under Linux is / usr / local / apache / etc / mime.types. <br>
DefaultType text / plain <br>
If the Web server cannot determine the default type of a document, which usually means that the document uses a non-standard suffix, then the server uses the MIME type defined by DefaultType to send the document to the client browser. The setting here is text / plain. The problem with this setting is that if the server cannot determine the MIME of the document, then in most cases this document is a binary document, but sent back in text / plain format, the browser will open internally It will not prompt to save. Therefore it is recommended to change this setting to <br>
application / octet-stream so that the browser will prompt the user to save. <br>
MIMEMagicFile / usr / local / apache / etc / magic <br>
In addition to judging the MIME type of the file from the suffix of the file, Apache can be further divided <br>
Analyze some characteristics of the file to determine the true MIME type of the file. This function is implemented by the mod_mime_magic module, which requires a file that records the characteristics of various MIME types for analysis and judgment. The above setting is a conditional statement. If you load this module, you must specify the location of the corresponding logo file magic. <br> When
connecting, the server can only get the client's IP address. If you want to get the client's <br>
host name for logging and providing to the CGI program, you need to use this HostnameLookups option Set to On to turn on the DNS anti-check function. However, this will cause the server to perform DNS queries for each client request, increasing system overhead and making the response slower, so the default setting is to use Off to turn off this option. After turning off the option, the server will not obtain the client's host name, but only use the IP address to record the client. <br>
ErrorLog /var/log/httpd-error.log <br>
LogLevel warn <br>
LogFormat & quot;% h% l% u% t & quot;% r & quot;% & gt; s% b & quot;% {Referer} i & quot; & quot;% {User-Agent} & quot; & quot; combined <br>
LogFormat & quot;% h% l% u% t & quot;% r & quot;% & gt; s% b & quot; common <br>
LogFormat & quot;% { Referer} i-& gt;% U & quot; referer <br>
#CustomLog /var/log/httpd-access.log common <br>
#CustomLog /var/log/httpd-referer.log referer <br>
#CustomLog /var/log/httpd-agent.log agent <br>
CustomLog / var / log / httpd-access.log combined <br>
This defines the form of the system log. For server error logging, ErrorLog and LogLevel define different error log files and their recording content. <br>
For system access logs, the CustomLog parameter is used to define the log location by default, and the combined parameter is used by default to specify that all access logs are placed in a file, however, different types of access logs can also be placed in different logs In the log file, this is done by specifying different record types in CustomLog. common indicates the common request access record for a single page, referer indicates the reference record of each page, you can see the number of requests contained in a page, and agent indicates the type record of the client, obviously you can set the existing combined definition Comment out the line, and use common, referer, and agent as parameters of CustomLog to specify log files for different types of logs. <br>
Obviously, LogFormat is used to define the format used when different types of logs are recorded. Here <br>
uses a macro definition starting with% to record different contents. <br>
If the file specified by these parameters uses a relative path, then it is a path relative to ServerRoot
. <br>
application / octet-stream so that the browser will prompt the user to save. <br>
MIMEMagicFile / usr / local / apache / etc / magic <br>
In addition to judging the MIME type of the file from the suffix of the file, Apache can be further divided <br>
Analyze some characteristics of the file to determine the true MIME type of the file. This function is implemented by the mod_mime_magic module, which requires a file that records the characteristics of various MIME types for analysis and judgment. The above setting is a conditional statement. If you load this module, you must specify the location of the corresponding logo file magic. <br> When
connecting, the server can only get the client's IP address. If you want to get the client's <br>
host name for logging and providing to the CGI program, you need to use this HostnameLookups option Set to On to turn on the DNS anti-check function. However, this will cause the server to perform DNS queries for each client request, increasing system overhead and making the response slower, so the default setting is to use Off to turn off this option. After turning off the option, the server will not obtain the client's host name, but only use the IP address to record the client. <br>
ErrorLog /var/log/httpd-error.log <br>
LogLevel warn <br>
LogFormat & quot;% h% l% u% t & quot;% r & quot;% & gt; s% b & quot;% {Referer} i & quot; & quot;% {User-Agent} & quot; & quot; combined <br>
LogFormat & quot;% h% l% u% t & quot;% r & quot;% & gt; s% b & quot; common <br>
LogFormat & quot;% { Referer} i-& gt;% U & quot; referer <br>
#CustomLog /var/log/httpd-access.log common <br>
#CustomLog /var/log/httpd-referer.log referer <br>
#CustomLog /var/log/httpd-agent.log agent <br>
CustomLog / var / log / httpd-access.log combined <br>
This defines the form of the system log. For server error logging, ErrorLog and LogLevel define different error log files and their recording content. <br>
For system access logs, the CustomLog parameter is used to define the log location by default, and the combined parameter is used by default to specify that all access logs are placed in a file, however, different types of access logs can also be placed in different logs In the log file, this is done by specifying different record types in CustomLog. common indicates the common request access record for a single page, referer indicates the reference record of each page, you can see the number of requests contained in a page, and agent indicates the type record of the client, obviously you can set the existing combined definition Comment out the line, and use common, referer, and agent as parameters of CustomLog to specify log files for different types of logs. <br>
Obviously, LogFormat is used to define the format used when different types of logs are recorded. Here <br>
uses a macro definition starting with% to record different contents. <br>
If the file specified by these parameters uses a relative path, then it is a path relative to ServerRoot
. <br>
In some cases, for example, when the webpage requested by the client does not exist, the server will generate an error document. <br> By
default, because the ServerSignature option is turned on, the last line of the error document will contain the server name, Apache version and other information . Some administrators prefer not to display this information externally, so you
can set this parameter to Off or set it to Email, and the last line will be replaced by the Email prompt for ServerAdmin. <br>
Alias / icons / & quot; / www / icons / & quot; <br>
Options Indexes MultiViews <br>
AllowOverride None <br>
Order allow, deny <br>
Allow from all <br>
Alias parameters are used to link URLs with The real location in the server's file system is directly mapped, and the general <br>
documents will be queried in DocumentRoot, however, the path defined by Alias will be directly mapped to the
corresponding directory, instead of querying under DocumentRoot . Therefore, Alias can be used to map
the path of some <br> public files, such as the icons path where various common icons are saved. In this way, in addition to using symbolic links, directories other than the document root (DocumentRoot) can also be provided to the browser by using the Alias mapping. <br> After
defining the mapped path, you should use the Directory statement to set the access restrictions. <br>
AllowOverride None <br>
Options None <br>
Order allow, deny <br>
Allow from all <br>
ScriptAlias is also used for URL path mapping, but the difference with Alias is that ScriptAlias is used to map the path of CGI programs, this The files under the path are defined as CGI programs, and the results are obtained by executing them, rather than the server directly returning its contents. By default, CGI programs use the cgi-bin directory as a virtual path. <br>
# Redirect old-URI new-URL <br> The
Redirect parameter is used to rewrite the URL. When the browser accesses a resource that no longer exists on the server, the server returns the new URL to the browser, telling The browser obtains resources from the URL. This is mainly used for documents that originally existed on the server and changed the location.
WRITTEN BY UNDERCODE
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
default, because the ServerSignature option is turned on, the last line of the error document will contain the server name, Apache version and other information . Some administrators prefer not to display this information externally, so you
can set this parameter to Off or set it to Email, and the last line will be replaced by the Email prompt for ServerAdmin. <br>
Alias / icons / & quot; / www / icons / & quot; <br>
Options Indexes MultiViews <br>
AllowOverride None <br>
Order allow, deny <br>
Allow from all <br>
Alias parameters are used to link URLs with The real location in the server's file system is directly mapped, and the general <br>
documents will be queried in DocumentRoot, however, the path defined by Alias will be directly mapped to the
corresponding directory, instead of querying under DocumentRoot . Therefore, Alias can be used to map
the path of some <br> public files, such as the icons path where various common icons are saved. In this way, in addition to using symbolic links, directories other than the document root (DocumentRoot) can also be provided to the browser by using the Alias mapping. <br> After
defining the mapped path, you should use the Directory statement to set the access restrictions. <br>
AllowOverride None <br>
Options None <br>
Order allow, deny <br>
Allow from all <br>
ScriptAlias is also used for URL path mapping, but the difference with Alias is that ScriptAlias is used to map the path of CGI programs, this The files under the path are defined as CGI programs, and the results are obtained by executing them, rather than the server directly returning its contents. By default, CGI programs use the cgi-bin directory as a virtual path. <br>
# Redirect old-URI new-URL <br> The
Redirect parameter is used to rewrite the URL. When the browser accesses a resource that no longer exists on the server, the server returns the new URL to the browser, telling The browser obtains resources from the URL. This is mainly used for documents that originally existed on the server and changed the location.
WRITTEN BY UNDERCODE
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑WIFI HACKING TERMIX-LINUX :
instagram.com/undercodeTesting
1) git clone https://github.com/derv82/wifite2.git
2) cd wifite2
3) sudo ./Wifite.py
🦑FEATURES :
PMKID hash capture (enabled by-default, force with: --pmkid)
WPS Offline Brute-Force Attack aka "Pixie-Dust". (enabled by-default, force with: --wps-only --pixie)
WPS Online Brute-Force Attack aka "PIN attack". (enabled by-default, force with: --wps-only --no-pixie)
WPA/2 Offline Brute-Force Attack via 4-Way Handshake capture (enabled by-default, force with: --no-wps)
Validates handshakes against pyrit, tshark, cowpatty, and aircrack-ng (when available)
Various WEP attacks (replay, chopchop, fragment, hirte, p0841, caffe-latte)
Automatically decloaks hidden access points while scanning or attacking.
Note: Only works when channel is fixed. Use -c <channel>
Disable this using --no-deauths
5Ghz support for some wireless cards (via -5 switch).
Note: Some tools don't play well on 5GHz channels (e.g. aireplay-ng)
Stores cracked passwords and handshakes to the current directory (--cracked)
Includes information about the cracked access point (Name, BSSID, Date, etc).
Easy to try to crack handshakes or PMKID hashes against a wordlist (--crack)
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑WIFI HACKING TERMIX-LINUX :
instagram.com/undercodeTesting
1) git clone https://github.com/derv82/wifite2.git
2) cd wifite2
3) sudo ./Wifite.py
🦑FEATURES :
PMKID hash capture (enabled by-default, force with: --pmkid)
WPS Offline Brute-Force Attack aka "Pixie-Dust". (enabled by-default, force with: --wps-only --pixie)
WPS Online Brute-Force Attack aka "PIN attack". (enabled by-default, force with: --wps-only --no-pixie)
WPA/2 Offline Brute-Force Attack via 4-Way Handshake capture (enabled by-default, force with: --no-wps)
Validates handshakes against pyrit, tshark, cowpatty, and aircrack-ng (when available)
Various WEP attacks (replay, chopchop, fragment, hirte, p0841, caffe-latte)
Automatically decloaks hidden access points while scanning or attacking.
Note: Only works when channel is fixed. Use -c <channel>
Disable this using --no-deauths
5Ghz support for some wireless cards (via -5 switch).
Note: Some tools don't play well on 5GHz channels (e.g. aireplay-ng)
Stores cracked passwords and handshakes to the current directory (--cracked)
Includes information about the cracked access point (Name, BSSID, Date, etc).
Easy to try to crack handshakes or PMKID hashes against a wordlist (--crack)
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
GitHub
GitHub - derv82/wifite2: Rewrite of the popular wireless network auditor, "wifite"
Rewrite of the popular wireless network auditor, "wifite" - derv82/wifite2